CVE-2016-2084

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2016-2084
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration.

7.4 /10

CVSS v3 : HIGH

V3 Legend

Vector : AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

Exploitability : 2.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:P/I:N/A:P

Exploitability : 4.9 / Impact : 4.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://www.securitytracker.com/id/1035520
https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*

Configuration 7 (hide)

cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*

Configuration 8 (hide)

OR cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*

Configuration 9 (hide)

OR cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*

Configuration 10 (hide)

OR cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*

Configuration 11 (hide)

cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*

Configuration 12 (hide)

OR cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*

Configuration 13 (hide)

cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*

Configuration 14 (hide)

OR cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*

Configuration 15 (hide)

OR cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*

Configuration 16 (hide)

OR cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*

Configuration 17 (hide)

OR cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*

Configuration 18 (hide)

cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*
History

No history.

Information

Published : 2016-04-13 16:59

Updated : 2024-02-04 18:53

NVD link : CVE-2016-2084

Mitre link : CVE-2016-2084

CVE.ORG link : CVE-2016-2084

JSON object : View

Products Affected

f5

  • big-ip_domain_name_system
  • big-ip_webaccelerator
  • big-iq_cloud
  • big-ip_application_acceleration_manager
  • big-ip_analytics
  • big-ip_advanced_firewall_manager
  • big-ip_access_policy_manager
  • big-ip_application_security_manager
  • big-iq_security
  • big-ip_link_controller
  • big-iq_device
  • big-ip_edge_gateway
  • big-ip_policy_enforcement_manager
  • big-ip_wan_optimization_manager
  • big-iq_application_delivery_controller
  • big-ip_global_traffic_manager
  • big-ip_protocol_security_module
  • big-ip_local_traffic_manager
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor