Vulnerability Details : CVE-2017-6165
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between blades in a clustered deployment will log the HSM partition password in cleartext to the "/var/log/ltm" log file.
Exploit prediction scoring system (EPSS) score for CVE-2017-6165
Probability of exploitation activity in the next 30 days: 0.54%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 74 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2017-6165
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2017-6165
-
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-6165
-
http://www.securitytracker.com/id/1039638
F5 BIG-IP on VIPRION Lets Local Users View the SafeNet External Network HSM Password - SecurityTrackerThird Party Advisory;VDB Entry
-
https://support.f5.com/csp/article/K74759095
Vendor Advisory
-
http://www.securityfocus.com/bid/101543
Multiple F5 BIG-IP Products CVE-2017-6165 Local Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
Products affected by CVE-2017-6165
- cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:12.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:12.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:12.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:11.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:11.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:11.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:11.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_websafe:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_websafe:12.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_websafe:11.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_websafe:11.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_websafe:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_websafe:11.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_websafe:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_websafe:12.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_websafe:12.1.1:*:*:*:*:*:*:*