1.5.7

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

critical

NVD

Published: 2017-04-06

Updated: 2019-10-03

Summary

F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature plus SNAT Auto Map option for egress traffic.

Vulnerable Configurations

Part	Description	Count
Application	F5 F5 SSL Intercept Iapp 1.5.7 F5 SSL Intercept Iapp 1.5.0	2

References

https://support.f5.com/csp/article/K53244431