Multiple F5 Networks Products are prone to an unspecified local information-disclosure vulnerability.
Local attackers can exploit this issue to obtain sensitive information. Information obtained may lead to further attacks.
The following products are vulnerable:
BIG-IP APM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4
BIG-IP Edge Gateway 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4
FirePass 6.0.0 through 6.1.0 and 7.0.0
Information
F5 FirePass 6.1
F5 FirePass 6.0
F5 BIG-IP Edge Gateway 11.3
F5 BIG-IP Edge Gateway 11.2.1 HF3
F5 BIG-IP Edge Gateway 11.2.1
F5 BIG-IP Edge Gateway 11.2 HF3
F5 BIG-IP Edge Gateway 11.2
F5 BIG-IP Edge Gateway 11.1
F5 BIG-IP Edge Gateway 11.0
F5 BIG-IP Edge Gateway 10.2.4
F5 BIG-IP Edge Gateway 10.2.2
F5 BIG-IP Edge Gateway 11.4.1
F5 BIG-IP Edge Gateway 11.3.0 HF4
F5 BIG-IP Edge Gateway 11.2.1 HF5
F5 BIG-IP Edge Gateway 11.2.1 HF2
F5 BIG-IP Edge Gateway 11.2.0 HF5
F5 BIG-IP Edge Gateway 11.1.0 HF7
F5 BIG-IP Edge Gateway 10.1
F5 BIG-IP APM 11.2
F5 BIG-IP APM 11.0
F5 BIG-IP APM 10.2.4
F5 BIG-IP APM 10.2.2
F5 BIG-IP APM 11.4.1
F5 BIG-IP APM 11.4.0
F5 BIG-IP APM 11.3.0 HF4
F5 BIG-IP APM 11.3.0
F5 BIG-IP APM 11.2.1 HF5
F5 BIG-IP APM 11.2.1 HF3
F5 BIG-IP APM 11.2.1 HF2
F5 BIG-IP APM 11.2.1 HF1
F5 BIG-IP APM 11.2.1
F5 BIG-IP APM 11.2.0 HF5
F5 BIG-IP APM 11.2.0 HF3
F5 BIG-IP APM 11.2.0 HF2
F5 BIG-IP APM 11.1.0 HF7
F5 BIG-IP APM 11.1.0
F5 BIG-IP APM 10.1
F5 BIG-IP APM 11.5.0
Exploit
Attackers require local interactive access to exploit this issue.
References: