Vulnerability Name: CVE-2016-5745 (CCN-117462)
Assigned: 2016-10-03
Published: 2016-10-03
Updated: 2016-11-28

Summary: F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF11, 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2 allow remote attackers to modify or extract system configuration files via vectors involving NAT64.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
Scope:
    Scope (S): Unchanged
Impact Metrics:
    Confidentiality (C): High
    Integrity (I): High
    Availability (A): High

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
8.7 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
Scope:
    Scope (S): Changed
Impact Metrics:
    Confidentiality (C): High
    Integrity (I): High
    Availability (A): High

CVSS v2 Severity:

10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
Impact Metrics:
    Confidentiality (C): Complete
    Integrity (I): Complete
    Availability (A): Complete

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
Impact Metrics:
    Confidentiality (C): Complete
    Integrity (I): Complete
    Availability (A): Complete

Vulnerability Type: CWE-284
Vulnerability Consequences: Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2016-5745

Source: BID
Type: UNKNOWN
94240

Source: CCN
Type: BID-94240
F5 BIG-IP LTM Products CVE-2016-5745 Security Bypass Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1036927

Source: XF
Type: UNKNOWN
bigip-cve20165745-sec-bypass(117462)

Source: CCN
Type: F5 Security Advisory sol64743453
NAT64 vulnerability CVE-2016-5745

Source: CONFIRM
Type: Vendor Advisory
https://support.f5.com/kb/en-us/solutions/public/k/64/sol64743453.html

Vulnerable Configuration:

Configuration 1:
cpe:/a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*

Configuration CCN 1:
cpe:/a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*
OR cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*

f5 big-ip local traffic manager 11.0.0
f5 big-ip local traffic manager 11.1.0
f5 big-ip local traffic manager 11.2.0
f5 big-ip local traffic manager 11.2.1
f5 big-ip local traffic manager 11.3.0
f5 big-ip local traffic manager 11.4.0
f5 big-ip local traffic manager 11.4.1
f5 big-ip local traffic manager 11.5.0
f5 big-ip local traffic manager 11.5.1
f5 big-ip local traffic manager 11.5.2
f5 big-ip local traffic manager 11.5.3
f5 big-ip local traffic manager 11.5.4
f5 big-ip local traffic manager 11.6.0
f5 big-ip local traffic manager 11.6.1
f5 big-ip local traffic manager 12.0.0
f5 big-ip local traffic manager 12.1.0
f5 big-ip advanced firewall manager 11.5.1
f5 big-ip global traffic manager 11.5.1
f5 big-ip link controller 11.5.1
f5 big-ip access policy manager 11.4.0
f5 big-ip link controller 11.5.0
f5 big-ip local traffic manager 11.5.0
f5 big-ip local traffic manager 11.6.0
f5 big-ip advanced firewall manager 11.6.0