vulnerability

F5 Networks: K30201296 (CVE-2017-0303): SOCKS proxy vulnerability CVE-2017-0303

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Oct 26, 2017	Oct 26, 2017	Mar 3, 2020

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Oct 26, 2017

Added

Oct 26, 2017

Modified

Mar 3, 2020

Description

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections.

Solution

f5-big-ip-upgrade-latest

References

URL-https://support.f5.com/csp/article/K30201296
NVD-CVE-2017-0303

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today