CVE Vulnerabilities

CVE-2017-0305

Published: Apr 06, 2017 | Modified: Oct 03, 2019
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature plus SNAT Auto Map option for egress traffic.

Affected Software

Name Vendor Start Version End Version
Ssl_intercept_iapp F5 1.5.0 (including) 1.5.0 (including)
Ssl_intercept_iapp F5 1.5.7 (including) 1.5.7 (including)

References