VARIoT IoT vulnerabilities database

VAR-201609-0436 CVE-2016-4381 HPE XP7 Command View Advanced Edition Suite Vulnerable to access restrictions CVSS V2: 4.4
CVSS V3: 4.5
Severity: MEDIUM
HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x before 8.4.1-02, when Replication Manager (RepMgr) and Device Manager (DevMgr) are enabled, allows local users to bypass intended access restrictions via unspecified vectors. Multiple HP Products are prone to a local security-bypass vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This vulnerability could be locally exploited to allow access restriction bypass. References: - CVE-2016-4381 - PSRT110214 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. - Full installer updates: https://h20575.www2.hp.com/usbportal/softwareupdate.do - Patches: https://h20575.www2.hpe.com/tsusbportal/index.do?lc=EN_US&src=HPSC **Note:** A valid HPE Passport account is needed to download the patches. Please contact HPE Technical Support for assistance. HISTORY Version:1 (rev.1) - 1 September 2016 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. 
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX Copyright 2016 Hewlett Packard Enterprise Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. 
VAR-201609-0356 CVE-2016-6370 Cisco Hosted Collaboration Mediation Fulfillment of Web Directory traversal vulnerability in the interface CVSS V2: 4.0
CVSS V3: 4.3
Severity: MEDIUM
Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 10.6(3) and earlier allows remote authenticated users to read arbitrary files via a crafted pathname in an HTTP request, aka Bug ID CSCuz27255. Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to retrieve arbitrary files in the context of the application. This may aid in further attacks. The software provides functions such as configuring, managing and monitoring services of Cisco HCM-F
VAR-201609-0384 CVE-2016-1469 plural Cisco SPA Device HTTP Service operation interruption in the framework (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385. The Cisco Small Business SPA300 and related models are Cisco's S-series IP telephony products. A denial of service vulnerability exists in Cisco Small Business SPA300 Series/SPA500 Series and SPA51x IP Phones. An attacker could exploit the vulnerability to cause a denial of service. Cisco Small Business SPA300 and SPA500 Series IP Phones are prone to a remote denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCut67385. The affected component is the devices' HTTP framework.
VAR-201609-0353 CVE-2016-6375 Cisco Wireless LAN Controller Service disruption on devices (DoS) Vulnerabilities CVSS V2: 5.7
CVSS V3: 5.3
Severity: MEDIUM
Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow remote attackers to cause a denial of service (device reload) by sending crafted Inter-Access Point Protocol (IAPP) packets and then sending a traffic stream metrics (TSM) information request over SNMP, aka Bug ID CSCuz40221. Cisco Wireless LAN Controller (WLC) devices contain a vulnerability that can put them into a service disruption (device reload) state. An unauthenticated attacker in physical proximity can cause the WLC to restart unexpectedly, resulting in a denial of service. Attackers can exploit this issue to restart the affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuz40221. A denial of service vulnerability exists in Cisco WLC versions 8.0.140, 8.2.121.0, and 8.3.102.0.
VAR-201608-0488 No CVE Goigi CMS background / admin / index.php universal password bypass vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Goigi CMS has a universal password bypass vulnerability in the back-end /admin/index.php login. Login verification can be bypassed using '=' 'or'. When the login succeeds, the page returns a 302 with location: dashboard in the HTTP header. If the login fails, the returned header is location: index.php?Login=failed.
VAR-201609-0357 CVE-2016-6371 Cisco Hosted Collaboration Mediation Fulfillment of Web Directory traversal vulnerability in the interface CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 10.6(3) and earlier allows remote attackers to write to arbitrary files via a crafted URL, aka Bug ID CSCuz64717. The vendor has confirmed this vulnerability and released it as Bug ID CSCuz64717. A third party may be able to write to arbitrary files via a crafted URL. Exploiting this issue can allow an attacker to write out arbitrary files. This issue is being tracked by Cisco Bug ID CSCuz64717. The software provides functions such as configuring, managing and monitoring services of Cisco HCM-F.
VAR-201609-0388 CVE-2016-1473 Cisco Small Business 220 Series Smart Plus Switches Unauthorized Access Vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community, which allows remote attackers to read or modify SNMP objects by leveraging knowledge of this community, aka Bug ID CSCuz76216. Cisco Small Business 220 Series Smart Plus Switches are a series of stackable managed switches from Cisco. An unauthorized access vulnerability exists in Cisco Small Business 220 Series Smart Plus Switches. An attacker could exploit the vulnerability to gain unauthorized access to an affected device. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCuz76216. The vulnerability is caused by the default SNMP community string in the program.
VAR-201609-0381 CVE-2016-1415 Cisco WebEx Meetings Player Service disruption in (DoS) Vulnerabilities CVSS V2: 4.3
CVSS V3: 5.5
Severity: MEDIUM
Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted file, aka Bug ID CSCuz80455. Cisco WebEx Meetings Player is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to crash the affected application resulting in denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCuz80455. Cisco WebEx Meetings Player version T29.10 is vulnerable; other versions may also be affected. The vulnerability is caused by the program not handling user-supplied files correctly
VAR-201609-0383 CVE-2016-1464 Cisco WebEx Meetings Player Vulnerable to arbitrary code execution CVSS V2: 9.3
CVSS V3: 7.8
Severity: HIGH
Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to execute arbitrary code via a crafted file, aka Bug ID CSCva09375. An attacker can exploit this issue to execute arbitrary code on the affected system with the privileges of the user. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCva09375. Cisco WebEx Meetings Player T29.10 is vulnerable; other versions may also be affected. The vulnerability stems from the fact that the program does not properly handle user-supplied files.
VAR-201609-0355 CVE-2016-6377 Cisco Virtual Media Packager of Media Origination System Suite Software Vulnerabilities that bypass authentication CVSS V2: 6.8
CVSS V3: 8.1
Severity: HIGH
Media Origination System Suite Software 2.6 and earlier in Cisco Virtual Media Packager (VMP) allows remote attackers to bypass authentication and make arbitrary Platform and Applications Manager (PAM) API calls via unspecified vectors, aka Bug ID CSCuz52110. The vendor has confirmed this vulnerability and released it as Bug ID CSCuz52110. A third party may bypass authentication and make arbitrary Platform and Applications Manager (PAM) API calls. Cisco Virtual Media Packager is a virtual media packaging device. An unauthorized access vulnerability exists in Cisco Virtual Media Packager (VMP) versions 2.6 and earlier, allowing attackers to obtain sensitive information. Attackers can exploit this issue to gain unauthorized access to the affected device. This may aid in further attacks. The issue is being tracked by Cisco Bug ID CSCuz52110. The solution supports media ingestion, recording, storage and distribution, and more.
VAR-201609-0385 CVE-2016-1470 Cisco Small Business 220 Series Smart Plus Switches Cross-Site Request Forgery Vulnerability CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
Cross-site request forgery (CSRF) vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuz76230. The vendor has confirmed this vulnerability and released it as Bug ID CSCuz76230. A third party may be able to hijack the authentication of any user. Cisco Small Business 220 Series Smart Plus Switches are a series of stackable managed switches from Cisco. A cross-site request forgery vulnerability exists in Cisco Small Business 220 Series Smart Plus Switches. An attacker could exploit the vulnerability to perform unauthorized actions. Other attacks are also possible. This issue is being tracked by Cisco Bug ID CSCuz76230.
VAR-201609-0386 CVE-2016-1471 Cisco Small Business 220 Series Smart Plus Switches Cross-Site Scripting Vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz76232. The Cisco Small Business 220 Series Smart Plus Switches are smart switches. The web-based management interface fails to properly validate user-submitted input, allowing an attacker to execute arbitrary code in the browser context and steal cookie-based authentication information. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCuz76232.
VAR-201609-0387 CVE-2016-1472 Cisco Small Business 220 Series Smart Plus Switches Denial of Service Vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
The web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to cause a denial of service (interface outage) via a crafted HTTP request, aka Bug ID CSCuz76238. Cisco Small Business 220 Series Smart Plus Switches are a series of stackable managed switches from Cisco. A denial of service vulnerability exists in Cisco Small Business 220 Series Smart Plus Switches. An attacker could exploit the vulnerability to cause a denial of service. Cisco Small Business 220 Series Smart Plus Switches are prone to a remote denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCuz76238. Cisco Small Business 220 Series Smart Plus Switches running firmware release 1.0.0.17, 1.0.0.18, or 1.0.0.19 are vulnerable.
VAR-201609-0354 CVE-2016-6376 Cisco Wireless LAN Controller Device Adaptive wIPS Service disruption in functionality (DoS) Vulnerabilities CVSS V2: 6.1
CVSS V3: 6.5
Severity: MEDIUM
The Adaptive Wireless Intrusion Prevention System (wIPS) feature on Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device restart) via a malformed wIPS packet, aka Bug ID CSCuz40263. The vendor has confirmed this vulnerability and released it as Bug ID CSCuz40263. A third party may cause a service disruption (device reboot) via malformed wIPS packets. The Cisco Wireless LAN Controller is Cisco's wireless LAN controller product. It has a denial of service vulnerability that allows an attacker to initiate a denial of service attack. Attackers can exploit this issue to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCuz40263.
VAR-201609-0703 CVE-2016-20025 ZKTeco ZKAccess Professional 3.5.3 File Privilege Escalation Vulnerability CVSS V2: 5.5
CVSS V3: 8.8
Severity: High
ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privilege escalation. ZKTeco ZKAccess Professional is an access control management system. The ZKTeco ZKAccess Professional 3.5.3 file privilege escalation vulnerability is caused by improperly granting the 'M' flag to authenticated users. ZKAccess 3.5 is desktop software suitable for small and medium business applications. Compatible with all ZKAccess standalone reader controllers, the software can simultaneously manage access control and generate attendance reports. The brand new flat GUI design and humanized structure of the new ZKAccess 3.5 will make your daily management more pleasant and convenient. ZKAccess suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that can change the executable file with a binary of choice. The vulnerability exists due to improper permissions, with the 'M' flag (Modify) for the 'Authenticated Users' group. Tested on: Microsoft Windows 7 Ultimate SP1 (EN), Microsoft Windows 7 Professional SP1 (EN).
VAR-201609-0435 CVE-2016-4380 HPE Operations Manager of AdminUI Vulnerable to cross-site scripting CVSS V2: 3.5
CVSS V3: 5.4
Severity: Medium
Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operations Manager 9.21.x before 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. HP Operations Manager is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05249833 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05249833 Version: 1 HPSBGN03637 rev.1 - HP Operations Manager for Unix, Solaris, and Linux, Remote Cross-Site Scripting (XSS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2016-08-30 Last Updated: 2016-08-30 Potential Security Impact: Remote Cross-Site Scripting (XSS) Source: Hewlett Packard Enterprise, Product Security Response Team VULNERABILITY SUMMARY A potential vulnerability has been identified in the AdminUI of the HP Operations Manager for Unix, Solaris, and Linux. The vulnerability could be exploited remotely resulting in Cross-Site Scripting (XSS). References: CVE-2016-4380 PSRT110209 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. 
HP Operations Manager for Unix - v9.21.x and versions prior to v9.21.130 HP Operations Manager for Solaris - v9.21.x and versions prior to v9.21.130 HP Operations Manager for Linux - v9.21.x and versions prior to v9.21.130 BACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2016-4380 3.1 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499 RESOLUTION HPE has made the following update available to resolve the vulnerability in the impacted versions of HP Operations Manager (OM) for Unix/Solaris/Linux. Please download the patch HP OM v9.21.130 from the following location: https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facetsearch/document/KM322544?lang=en&cc=us&hpappid 2392_SSO_PRO_HPE HISTORY Version:1 (rev.1) - 30 August 2016 - Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
VAR-201903-0639 CVE-2016-5819 plural Moxa Product cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7, allow a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user's browser within the trust relationship between their browser and the server. Multiple Moxa products contain a cross-site scripting vulnerability. Information may be obtained and information may be altered. Moxa OnCell G3100 and others are IP gateway products of Moxa.
VAR-201609-0589 CVE-2016-6876 plural F5 Product RESOLV::lookup iRule Service disruption in commands (DoS) Vulnerabilities CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response. Multiple F5 BIG-IP Products are prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause a denial-of-service condition. F5 BIG-IP Analytics and others are products of F5 Corporation of the United States. F5 BIG-IP Analytics is a suite of web application performance analysis software. APM is a set of solutions that provide secure and unified access to business-critical applications and networks. LTM is a local traffic manager. 
The following products and versions are affected: F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1.
VAR-201609-0434 CVE-2016-4379 HPE Integrated Lights-Out 3 Firmware TLS Vulnerability in which important information is obtained in the implementation of CVSS V2: 4.3
CVSS V3: 3.7
Severity: LOW
The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay attack. This vulnerability is called the "Vaudenay attack". A third party may obtain important information through a padding oracle attack. HP Integrated Lights-Out is prone to an information-disclosure vulnerability. Versions prior to HP Integrated Lights-Out 3 1.88 are vulnerable. HPE Integrated Lights-Out 3 (iLO3) is an embedded server management technology of Hewlett Packard Enterprise (HPE), which uses an integrated remote management port to monitor and maintain the health of the server, remotely manage the server, and so on. The vulnerable program does not use the MAC protection mechanism correctly. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05249760 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05249760 Version: 1 HPSBHF03641 rev.1 - HPE Integrated Lights-Out 3 (iLO 3), Remote Disclosure of Information NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2016-08-30 Last Updated: 2016-08-30 Potential Security Impact: Remote Disclosure of Information Source: Hewlett Packard Enterprise, Product Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain versions of HPE Integrated Lights-Out 3 (iLO 3). References: - CVE-2016-4379 - PSRT102936 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HPE Integrated Lights-Out 3 (iLO 3) all firmware versions prior to 1.88 BACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2016-4379 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499 Hewlett Packard Enterprise thanks Hanno Boeck for reporting this vulnerability to security-alert@hpe.com. RESOLUTION HPE has made the following firmware updates available to resolve the vulnerability in iLO 3. iLO3 firmware version 1.88 is available from the following locations: + Online ROM Flash Component for Windows x86 <https://www.hpe.com/global/swpublishing/MTX-3ef65d13406a41de97e6a75a3c> + Online ROM Flash Component for Windows x64 <https://www.hpe.com/global/swpublishing/MTX-bb45e0682dd04f098ad89e189c> + Online ROM Flash Component for Linux <https://www.hpe.com/global/swpublishing/MTX-4882dccaaa0d4fbcbd353033e6> + Online ROM Flash Component for VMware ESXi <https://www.hpe.com/global/swpublishing/MTX-04b05621285145119cbaa69982> HISTORY Version:1 (rev.1) - 30 August 2016 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. 
VAR-201609-0045 CVE-2016-5022 plural F5 Service disruption in products (DoS) Vulnerabilities CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic. Supplementary information: the vulnerability type has been identified as CWE-284: Improper Access Control. http://cwe.mitre.org/data/definitions/284.html A third party may cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic. Multiple F5 BIG-IP Products are prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause a denial-of-service condition. F5 BIG-IP Analytics and others are products of F5 Corporation of the United States. F5 BIG-IP Analytics is a suite of web application performance analysis software. APM is a set of solutions that provide secure and unified access to business-critical applications and networks. LTM is a local traffic manager.