CVE-2016-7467 in BIG-IP APMinfo

Summary

The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authentication request from an authenticated user is sent via the SP connector.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

09/09/2016

Disclosure

04/11/2017

Moderation

VulDB entry created

Entries

VDB-99575 (1)

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

4.8

EPSS

0.01577

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7467
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7467
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7467/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!