CVE-2017-0303 - Vulnerability Details

Vendors	Products
F5	Big-ip Access Policy Manager Big-ip Advanced Firewall Manager Big-ip Application Acceleration Manager Big-ip Application Security Manager Big-ip Link Controller Big-ip Local Traffic Manager Big-ip Policy Enforcement Manager Big-ip Websafe

Link	Providers
http://www.securityfocus.com/bid/101612
http://www.securitytracker.com/id/1039674
https://support.f5.com/csp/article/K30201296

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe", "vendor": "F5 Networks, Inc.", "versions": [{"status": "affected", "version": "13.0.0"}, {"status": "affected", "version": "12.0.0 - 12.1.2"}, {"status": "affected", "version": "11.5.1 - 11.6.1"}]}], "datePublic": "2017-10-26T00:00:00", "descriptions": [{"lang": "en", "value": "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections."}], "problemTypes": [{"descriptions": [{"description": "denial of service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-01T09:57:01", "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K30201296"}, {"name": "101612", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101612"}, {"name": "1039674", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039674"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "f5sirt@f5.com", "DATE_PUBLIC": "2017-10-26T00:00:00", "ID": "CVE-2017-0303", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe", "version": {"version_data": [{"version_value": "13.0.0"}, {"version_value": "12.0.0 - 12.1.2"}, {"version_value": "11.5.1 - 11.6.1"}]}}]}, "vendor_name": "F5 Networks, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "denial of service"}]}]}, "references": {"reference_data": [{"name": "https://support.f5.com/csp/article/K30201296", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K30201296"}, {"name": "101612", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101612"}, {"name": "1039674", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039674"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T13:03:56.546Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.f5.com/csp/article/K30201296"}, {"name": "101612", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/101612"}, {"name": "1039674", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039674"}]}]}, "cveMetadata": {"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "assignerShortName": "f5", "cveId": "CVE-2017-0303", "datePublished": "2017-10-27T14:00:00Z", "dateReserved": "2016-11-09T00:00:00", "dateUpdated": "2024-09-16T23:00:41.490Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe (string)

vendor : F5 Networks, Inc. (string)

versions : [ »

0 : { »

status : affected (string)

version : 13.0.0 (string)

}

1 : { »

status : affected (string)

version : 12.0.0 - 12.1.2 (string)

}

2 : { »

status : affected (string)

version : 11.5.1 - 11.6.1 (string)

}

]

}

]

datePublic : 2017-10-26T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : denial of service (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-11-01T09:57:01 (string)

orgId : 9dacffd4-cb11-413f-8451-fbbfd4ddc0ab (string)

shortName : f5 (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://support.f5.com/csp/article/K30201296 (string)

}

1 : { »

name : 101612 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/101612 (string)

}

2 : { »

name : 1039674 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1039674 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : f5sirt@f5.com (string)

DATE_PUBLIC : 2017-10-26T00:00:00 (string)

ID : CVE-2017-0303 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe (string)

version : { »

version_data : [ »

0 : { »

version_value : 13.0.0 (string)

}

1 : { »

version_value : 12.0.0 - 12.1.2 (string)

}

2 : { »

version_value : 11.5.1 - 11.6.1 (string)

}

]

}

]

}

vendor_name : F5 Networks, Inc. (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : denial of service (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://support.f5.com/csp/article/K30201296 (string)

refsource : CONFIRM (string)

url : https://support.f5.com/csp/article/K30201296 (string)

}

1 : { »

name : 101612 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/101612 (string)

}

2 : { »

name : 1039674 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1039674 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T13:03:56.546Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://support.f5.com/csp/article/K30201296 (string)

}

1 : { »

name : 101612 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/101612 (string)

}

2 : { »

name : 1039674 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1039674 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 9dacffd4-cb11-413f-8451-fbbfd4ddc0ab (string)

assignerShortName : f5 (string)

cveId : CVE-2017-0303 (string)

datePublished : 2017-10-27T14:00:00Z (string)

dateReserved : 2016-11-09T00:00:00 (string)

dateUpdated : 2024-09-16T23:00:41.490Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "55DB51A2-727F-469D-9C53-7E3EBE7FC56E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A82C7B1C-E195-4D94-B604-78FB464C4F81", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "8F6C3144-D0DE-4248-BFCD-04A7E6104044", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "0357B5ED-0600-4756-93E5-692987068596", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BA7D64DC-7271-4617-BD46-99C8246779CA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "D0450EF1-FA99-4552-8790-C16A1CC0D486", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "ECA90FB8-E2CD-400F-B753-1B482E7FAC96", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "6FEC804B-35DB-4A0C-9AEA-15527E0CC1B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "BEB228A9-0C01-4531-B2B2-38BB7B0E02E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "B8D062ED-6A53-4402-A00B-F80722CD6624", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "BC827031-CA39-4081-8CE0-30EAC78DF756", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7569903B-3A15-4A10-863B-6828337DD268", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "45825991-D17D-42F1-87B4-7DF86B098B45", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "3C77AA08-113B-4DF3-BFCD-61F77574DACA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "5FC866D4-CE8C-4408-AD1E-8643AC554CC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7563D979-BE37-4251-B92E-0DBDBE53F3FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BCF89E7C-806E-4800-BAA9-0225433B6C56", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "9AAAE358-497F-4108-821B-AA3604D7308A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DB2118A-0F9C-4273-BB07-85FEA32C785B", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "8541C9EF-69A8-4641-B173-3BCE0EDD20A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "E24A3C71-0075-4738-B114-267337D050CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7569977A-E567-4115-B00C-4B0CBA86582E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "7DAED537-070D-4600-B6E1-C03D021BB647", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "BBBB6E7C-DA1A-479F-9DD2-DE0C3CA82E92", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4913B437-33FF-4B5E-A855-9DA00B35E3B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDCFE65B-340B-4F7D-93A1-4390BBC8E67F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E2C4414E-8016-48B5-8CC3-F97FF2D85922", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "72099A8A-CFA4-4D58-859E-C51FE3E07DE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "64273A2C-E5A1-4605-92DD-EBECC7F051D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E60CA151-1C3A-45B3-B939-E6F80063C595", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "58BAD5A9-9C67-4056-9344-07C8C42C8E88", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "42821916-E601-4831-B37B-3202ACF2C562", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_websafe:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9E6556BF-A50D-4872-BF81-9397A7ECEC9C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections."}, {"lang": "es", "value": "En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM y Websafe en sus versiones de software 13.0.0, de la 12.0.0 a la 12.1.2 y de la 11.5.1 a la 11.6.1, y bajo ciertas circunstancias, las conexiones gestionadas por un servidor virtual con un perfil SOCKS asociado puede que no se limpien correctamente, pudiendo provocar que se agotan los recursos. Las conexiones se pueden dejar en la tabla de conexiones, pudiendo solo eliminarse reiniciando el TMM. Con el tiempo, esto puede hacer que el BIG-IP no pueda procesar m\u00e1s conexiones."}], "id": "CVE-2017-0303", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-27T14:29:00.233", "references": [{"source": "f5sirt@f5.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101612"}, {"source": "f5sirt@f5.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039674"}, {"source": "f5sirt@f5.com", "tags": ["Vendor Advisory"], "url": "https://support.f5.com/csp/article/K30201296"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101612"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039674"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.f5.com/csp/article/K30201296"}], "sourceIdentifier": "f5sirt@f5.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-459"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E5D27D4A-BD5C-4FA9-AA72-F7956298DE06 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 12F86EB5-D581-4103-A802-44D968BA8D55 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:* (string)

matchCriteriaId : E6203A11-82C3-4ABA-94E9-085BFF1A0E4C (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 06224D59-35F8-4168-80C5-CF5B17E99050 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 55DB51A2-727F-469D-9C53-7E3EBE7FC56E (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 2FF5A5F6-4BA3-4276-8679-B5560EACF2E0 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : A2B502F2-404C-463B-B6BE-87489DC881F9 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : A82C7B1C-E195-4D94-B604-78FB464C4F81 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 8F6C3144-D0DE-4248-BFCD-04A7E6104044 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 0357B5ED-0600-4756-93E5-692987068596 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : BA7D64DC-7271-4617-BD46-99C8246779CA (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : A4489382-0668-4CFB-BA89-D54762937CEE (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 9850D0AA-B173-47B2-9B69-75E6D1FAF490 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 40994EB4-4D31-4697-964D-1F0B09864DF2 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.5:*:*:*:*:*:*:* (string)

matchCriteriaId : D0450EF1-FA99-4552-8790-C16A1CC0D486 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E5B40837-EC2B-41FB-ACC3-806054EAF28C (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 48BE0210-7058-462A-BA17-845D3E4F52FA (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 3CA2FA6B-3930-432F-8FB5-E73604CEFE42 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : ECA90FB8-E2CD-400F-B753-1B482E7FAC96 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 6FEC804B-35DB-4A0C-9AEA-15527E0CC1B1 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : BEB228A9-0C01-4531-B2B2-38BB7B0E02E9 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 3D75D5AD-C20A-4D94-84E0-E695C9D2A26D (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 3755740D-F1DC-4910-ADDD-9D491515201C (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : EA244A7D-F65D-4114-81C8-CE811959EA10 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 5EA9F72C-8344-4370-B511-31BEC8BA63E8 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 96CF015E-C74B-4215-9103-8087BC1D12AB (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:* (string)

matchCriteriaId : CFE4DB00-433D-414A-A1CE-E507B9BB809B (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.5:*:*:*:*:*:*:* (string)

matchCriteriaId : B8D062ED-6A53-4402-A00B-F80722CD6624 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : B276E4DF-69FC-4158-B93A-781A45605034 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : CBAB92C5-2D50-49CC-AECA-0D16BC44A788 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 532AAF54-64EF-4852-B4F1-D5E660463704 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : BC827031-CA39-4081-8CE0-30EAC78DF756 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 7569903B-3A15-4A10-863B-6828337DD268 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 45825991-D17D-42F1-87B4-7DF86B098B45 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 8C4E5F36-434B-48E1-9715-4EEC22FB23D1 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 1C0312FC-8178-46DE-B4EE-00F2895073BA (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : BC6C5628-14FF-4D75-B62E-D4B2707C1E3D (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : C9E574F6-34B6-45A6-911D-E5347DA22F69 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:* (string)

matchCriteriaId : BCF94129-8779-4D68-8DD4-B828CA633746 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:* (string)

matchCriteriaId : BA2E88AA-0523-48D0-8664-6AFDBCB6C940 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 3C77AA08-113B-4DF3-BFCD-61F77574DACA (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : CFA77C6B-72DB-4D57-87CF-11F2C7EDB828 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : E33BCA5B-CE91-451C-9821-2023A9E461C1 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 5FC866D4-CE8C-4408-AD1E-8643AC554CC9 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 7563D979-BE37-4251-B92E-0DBDBE53F3FF (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : BCF89E7C-806E-4800-BAA9-0225433B6C56 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 1AD2C1D2-103E-4B0F-84AA-999F01E695F0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 855E91A4-0A0C-4E5C-8019-FB513A793803 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : FCCC2092-E109-4FF6-9B85-6C9434269851 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 8923BB93-96C1-417B-9172-4A81E731EBA2 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 274E34BF-82A5-4D9E-BC72-202193A47A5A (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:11.5.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 9AAAE358-497F-4108-821B-AA3604D7308A (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 475F0EF8-42CB-4099-9C4A-390F946C4924 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 94DBCD7A-E4DA-4C08-87A4-960CF53A83E6 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 62B0A70A-D101-443E-A543-5EC35E23D66F (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 2DB2118A-0F9C-4273-BB07-85FEA32C785B (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 8541C9EF-69A8-4641-B173-3BCE0EDD20A8 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : E24A3C71-0075-4738-B114-267337D050CD (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 7569977A-E567-4115-B00C-4B0CBA86582E (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

5 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 13E6D2CA-CC4F-4317-A842-4DF0693B0CB6 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : AB017D7A-3290-4EF5-9647-B488771A5F32 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 4F316C54-FAE4-48D8-9E40-ED358C30BF24 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:* (string)

matchCriteriaId : AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:11.5.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 7DAED537-070D-4600-B6E1-C03D021BB647 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 5CDEC701-DAB3-4D92-AA67-B886E6693E46 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 8C641B4F-DCFF-4A1B-9E00-EDF18A270241 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E90C12AF-44BA-44A2-89ED-0C2497EEC8A6 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : BBBB6E7C-DA1A-479F-9DD2-DE0C3CA82E92 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 4913B437-33FF-4B5E-A855-9DA00B35E3B3 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : EDCFE65B-340B-4F7D-93A1-4390BBC8E67F (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E2C4414E-8016-48B5-8CC3-F97FF2D85922 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

6 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 1B6EA0C0-9C26-4A87-98F1-5B317D606ECB (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 4D379372-A226-4230-B1F3-04C696518BD8 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 22FAC35D-2803-49B0-9382-F14594B88FC5 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 3C72257B-FF99-4707-A0E3-316D538B1CF6 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 72099A8A-CFA4-4D58-859E-C51FE3E07DE7 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : C1EA4F45-35F7-4687-8D1A-A5ACD846500A (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 23FF9627-E561-4CF7-A685-6E33D2F6C98C (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 64273A2C-E5A1-4605-92DD-EBECC7F051D5 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : E60CA151-1C3A-45B3-B939-E6F80063C595 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 58BAD5A9-9C67-4056-9344-07C8C42C8E88 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 42821916-E601-4831-B37B-3202ACF2C562 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

7 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:f5:big-ip_websafe:1.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 9E6556BF-A50D-4872-BF81-9397A7ECEC9C (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections. (string)

}

1 : { »

lang : es (string)

value : En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM y Websafe en sus versiones de software 13.0.0, de la 12.0.0 a la 12.1.2 y de la 11.5.1 a la 11.6.1, y bajo ciertas circunstancias, las conexiones gestionadas por un servidor virtual con un perfil SOCKS asociado puede que no se limpien correctamente, pudiendo provocar que se agotan los recursos. Las conexiones se pueden dejar en la tabla de conexiones, pudiendo solo eliminarse reiniciando el TMM. Con el tiempo, esto puede hacer que el BIG-IP no pueda procesar más conexiones. (string)

}

]

id : CVE-2017-0303 (string)

lastModified : 2025-04-20T01:37:25.860 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2017-10-27T14:29:00.233 (string)

references : [ »

0 : { »

source : f5sirt@f5.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/101612 (string)

}

1 : { »

source : f5sirt@f5.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securitytracker.com/id/1039674 (string)

}

2 : { »

source : f5sirt@f5.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.f5.com/csp/article/K30201296 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/101612 (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securitytracker.com/id/1039674 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.f5.com/csp/article/K30201296 (string)

}

]

sourceIdentifier : f5sirt@f5.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-459 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object