CVE-2016-4545

Published on: 06/07/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:26:58 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Certain versions of BIG-IP Access Policy Manager from F5 contain the following vulnerability:

Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, allow remote attackers to cause a denial of service (resource consumption and Traffic Management Microkernel restart) via an SSL alert during the handshake.

  • CVE-2016-4545 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.5 - HIGH

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS2 Score: 5 - MEDIUM

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

CVE References

  • F5 BIG-IP SSL Handshake Bug Lets Remote Users Deny Service - SecurityTracker
    Link: www.securitytracker.com (SECTRACK 1036025)
  • SOL48042976 - BIG-IP SSL vulnerability CVE-2016-4545
    Tags: Vendor Advisory
    Link: support.f5.com/kb/en-us/solutions/public/k/48/sol48042976.html (CONFIRM)

Known Affected Configurations (CPE V2.3)

Type         Vendor  Product                                  Version  Update  Edition  Language
Application  F5      BIG-IP Access Policy Manager             11.5.4   All     All      All
Application  F5      BIG-IP Advanced Firewall Manager         11.5.4   All     All      All
Application  F5      BIG-IP Analytics                         11.5.4   All     All      All
Application  F5      BIG-IP Application Acceleration Manager  11.5.4   All     All      All
Application  F5      BIG-IP Application Security Manager      11.5.4   All     All      All
Application  F5      BIG-IP Global Traffic Manager            11.5.4   All     All      All
Application  F5      BIG-IP Link Controller                   11.5.4   All     All      All
Application  F5      BIG-IP Local Traffic Manager             11.5.4   All     All      All
Application  F5      BIG-IP Policy Enforcement Manager        11.5.4   All     All      All

  • cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*