CVE-2016-7474
N/A
N/A
Summary
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| F5 Networks | F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM | 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.2.1, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 | affected |
Weaknesses
- MCPD data on disk may expose sensitive parameters
ADP Enrichment
CVE Program Container
Additional References
- https://support.f5.com/csp/article/K52180214
- http://www.securityfocus.com/bid/97198
- http://www.securitytracker.com/id/1038133
References
- https://support.f5.com/csp/article/K52180214
- http://www.securityfocus.com/bid/97198
- http://www.securitytracker.com/id/1038133
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.