Vulnerability Change Records for CVE-2017-6168

Change History

CVE Modified by F5 Networks 11/18/2017 9:29:03 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1039839 [No Types Assigned]

Initial Analysis 12/05/2017 8:37:09 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:f5:big-ip_aam:*:*:*:*:*:*:*:* versions from (including) 11.6.0 up to (including) 11.6.2
     *cpe:2.3:a:f5:big-ip_aam:*:*:*:*:*:*:*:* versions from (including) 12.0.0 up to (including) 12.1.2
     *cpe:2.3:a:f5:big-ip_aam:13.0.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:f5:big-ip_afm:*:*:*:*:*:*:*:* versions from (including) 11.6.0 up to (including) 11.6.2
     *cpe:2.3:a:f5:big-ip_afm:*:*:*:*:*:*:*:* versions from (including) 12.0.0 up to (including) 12.1.2
     *cpe:2.3:a:f5:big-ip_afm:13.0.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 11.6.0 up to (including) 11.6.2
     *cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 12.0.0 up to (including) 12.1.2
     *cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:f5:big-ip_apm:*:*:*:*:*:*:*:* versions from (including) 11.6.0 up to (including) 11.6.2
     *cpe:2.3:a:f5:big-ip_apm:*:*:*:*:*:*:*:* versions from (including) 12.0.0 up to (including) 12.1.2
     *cpe:2.3:a:f5:big-ip_apm:13.0.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:f5:big-ip_asm:*:*:*:*:*:*:*:* versions from (including) 11.6.0 up to (including) 11.6.2
     *cpe:2.3:a:f5:big-ip_asm:*:*:*:*:*:*:*:* versions from (including) 12.0.0 up to (including) 12.1.2
     *cpe:2.3:a:f5:big-ip_asm:13.0.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 11.6.0 up to (including) 11.6.2
     *cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 12.0.0 up to (including) 12.1.2
     *cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:f5:big-ip_ltm:*:*:*:*:*:*:*:* versions from (including) 11.6.0 up to (including) 11.6.2
     *cpe:2.3:a:f5:big-ip_ltm:*:*:*:*:*:*:*:* versions from (including) 12.0.0 up to (including) 12.1.2
     *cpe:2.3:a:f5:big-ip_ltm:13.0.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:f5:big-ip_pem:*:*:*:*:*:*:*:* versions from (including) 11.6.0 up to (including) 11.6.2
     *cpe:2.3:a:f5:big-ip_pem:*:*:*:*:*:*:*:* versions from (including) 12.0.0 up to (including) 12.1.2
     *cpe:2.3:a:f5:big-ip_pem:13.0.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:f5:websafe:11.6.2:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:websafe:*:*:*:*:*:*:*:* versions from (including) 12.0.0 up to (including) 12.1.2
     *cpe:2.3:a:f5:websafe:13.0.0:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Added CVSS V3

								
							
							
						
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Added CWE

								
							
							
						
CWE-310
Changed Reference Type
http://www.securityfocus.com/bid/101901 No Types Assigned
http://www.securityfocus.com/bid/101901 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id/1039839 No Types Assigned
http://www.securitytracker.com/id/1039839 Third Party Advisory, VDB Entry
Changed Reference Type
https://support.f5.com/csp/article/K21905460 No Types Assigned
https://support.f5.com/csp/article/K21905460 Issue Tracking, Mitigation, Vendor Advisory

CVE Modified by F5 Networks 11/21/2017 9:29:04 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/101901 [No Types Assigned]

Modified Analysis 1/05/2018 9:9:59 AM

Action Type Old Value New Value
Changed CVSS V3
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Changed Reference Type
https://robotattack.org/ No Types Assigned
https://robotattack.org/ Technical Description, Third Party Advisory
Changed Reference Type
https://www.kb.cert.org/vuls/id/144389 No Types Assigned
https://www.kb.cert.org/vuls/id/144389 Third Party Advisory, US Government Resource

CWE Remap 10/02/2019 8:3:26 PM

Action Type Old Value New Value
Changed CWE
CWE-310
CWE-203