CVE-2017-6130

Summary

F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery (SSRF) attack when deployed using the Dynamic Domain Bypass (DDB) feature feature plus SNAT Auto Map option for egress traffic.

Affected Software

VendorProductVersion RangeStatus
F5 NetworksSSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0affected

Weaknesses

  • Server-Side Request Forgery

ADP Enrichment

CVE Program Container

Additional References

References