CVE-2017-6141 Vulnerability Details

  /     /     /  

CVE-2017-6141 Metadata Quick Info

CVE Published: 20/10/2017 | CVE Updated: 16/09/2024 | CVE Year: 2017
Source: f5 | Vendor: F5 Networks, Inc. | Product: F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, WebSafe
Status : PUBLISHED

---

CVE-2017-6141 Description

In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, and WebSafe 12.1.0 through 12.1.2, certain values in a TLS abbreviated handshake when using a client SSL profile with the Session Ticket option enabled may cause disruption of service to the Traffic Management Microkernel (TMM). The Session Ticket option is disabled by default.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: TLS abbreviated handshake vulnerability
Source: F5 Networks, Inc.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).