vulnerability

F5 Networks: CVE-2017-6142: K20682450: BIG-IP AFM vulnerability CVE-2017-6142

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:N/C:P/I:P/A:N)	Jan 18, 2018	Jun 7, 2018	Apr 23, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

Jan 18, 2018

Added

Jun 7, 2018

Modified

Apr 23, 2026

Description

X509 certificate verification was not correctly implemented in the early access "user id" feature in the F5 BIG-IP Advanced Firewall Manager versions 13.0.0, 12.1.0-12.1.2, and 11.6.0-11.6.2, and thus did not properly validate the remote server's identity on certain versions of BIG-IP.

Solution

f5-big-ip-upgrade-latest

References

CVE-2017-6142
https://attackerkb.com/topics/CVE-2017-6142
CWE-295
EUVD-EUVD-2017-15207
https://euvd.enisa.europa.eu/vulnerability/EUVD-2017-15207
https://my.f5.com/manage/s/article/K20682450

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report