CVE-2016-5024

Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
f5CNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
VendorProductVersion
f5big-ip_local_traffic_manager
11.6.1
f5big-ip_local_traffic_manager
12.1.0
f5big-ip_local_traffic_manager
12.1.1
f5big-ip_application_acceleration_manager
11.6.1
f5big-ip_application_acceleration_manager
12.1.0
f5big-ip_application_acceleration_manager
12.1.1
f5big-ip_advanced_firewall_manager
11.6.1
f5big-ip_advanced_firewall_manager
12.1.0
f5big-ip_advanced_firewall_manager
12.1.1
f5big-ip_analytics
11.6.1
f5big-ip_analytics
12.1.0
f5big-ip_analytics
12.1.1
f5big-ip_access_policy_manager
11.6.1
f5big-ip_access_policy_manager
12.1.0
f5big-ip_access_policy_manager
12.1.1
f5big-ip_application_security_manager
11.6.1
f5big-ip_application_security_manager
12.1.0
f5big-ip_application_security_manager
12.1.1
f5big-ip_domain_name_system
12.1.0
f5big-ip_domain_name_system
12.1.1
f5big-ip_global_traffic_manager
11.6.1
f5big-ip_link_controller
11.6.1
f5big-ip_link_controller
12.1.0
f5big-ip_link_controller
12.1.1
f5big-ip_policy_enforcement_manager
11.6.1
f5big-ip_policy_enforcement_manager
12.1.0
f5big-ip_policy_enforcement_manager
12.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/95228
http://www.securitytracker.com/id/1037510
https://support.f5.com/csp/#/article/K92859602
http://www.securityfocus.com/bid/95228
http://www.securitytracker.com/id/1037510
https://support.f5.com/csp/#/article/K92859602