F5 BIG-IP APM CVE-2017-0301 Security Bypass Vulnerability

Bugtraq ID:	106188
Class:	Unknown
CVE:	CVE-2017-0301
Remote:	Yes
Local:	No
Published:	Dec 19 2017 12:00AM
Updated:	Dec 19 2017 12:00AM
Credit:	The vendor reported this issue.
Vulnerable:	F5 BIG-IP APM 12.1.2 F5 BIG-IP APM 12.1.1 F5 BIG-IP APM 12.0 F5 BIG-IP APM 11.6.1 F5 BIG-IP APM 11.5.3 F5 BIG-IP APM 11.5.2 F5 BIG-IP APM 11.5.1 F5 BIG-IP APM 12.1.0 F5 BIG-IP APM 11.6.0 F5 BIG-IP APM 11.5.4 F5 BIG-IP APM 11.5.0
Not Vulnerable:	F5 BIG-IP APM 12.1.3 F5 BIG-IP APM 11.6.2 F5 BIG-IP APM 11.5.5

F5 BIG-IP APM CVE-2017-0301 Security Bypass Vulnerability

F5 BIG-IP APM is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.

F5 BIG-IP APM CVE-2017-0301 Security Bypass Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

F5 BIG-IP APM CVE-2017-0301 Security Bypass Vulnerability

References:

• F5 BIG-IP Homepage (F5)
  
• K54358225: BIG-IP APM Portal Access vulnerability CVE-2017-0301 (F5)