CVE-2017-6140 : What You Need to Know

A potential issue affecting various BIG-IP devices running specific versions of F5 Networks, Inc.'s software can lead to a disruption of data plane services.

Understanding CVE-2017-6140

This CVE involves a vulnerability that can be exploited to cause a denial of service on affected systems.

What is CVE-2017-6140?

The vulnerability in various BIG-IP devices can be triggered by sending specific packets to Virtual Servers using SSL profiles, resulting in data plane service disruption.

The Impact of CVE-2017-6140

The exploitation of this vulnerability can lead to a denial of service, affecting the availability of data plane services on the impacted devices.

Technical Details of CVE-2017-6140

This section provides detailed technical information about the CVE.

Vulnerability Description

An undisclosed combination of packets sent to Virtual Servers using SSL profiles on affected BIG-IP devices can disrupt data plane services.

Affected Systems and Versions

Products: BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM, PEM
Versions: 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1, 12.1.2

Exploitation Mechanism

The vulnerability is exploited by sending a specific sequence of packets to Virtual Servers with client or server SSL profiles, triggering the disruption of data plane services.

Mitigation and Prevention

Protecting systems from CVE-2017-6140 is crucial to maintaining security.

Immediate Steps to Take

Apply vendor-supplied patches promptly to mitigate the vulnerability.
Monitor network traffic for any signs of exploitation.
Implement network segmentation to limit the impact of potential attacks.

Long-Term Security Practices

Regularly update and patch software to address known vulnerabilities.
Conduct security assessments and penetration testing to identify and remediate weaknesses.

Patching and Updates

Stay informed about security advisories from F5 Networks, Inc. and apply patches as soon as they are available.