CVE-2016-5745

F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF11, 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2 allow remote attackers to modify or extract system configuration files via vectors involving NAT64.

Published: Oct 5, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-5745
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
f5 / big-ip_local_traffic_manager	11.6.1	11.6.1.x
f5 / big-ip_local_traffic_manager	11.0.0	11.0.0.x
f5 / big-ip_local_traffic_manager	11.2.1	11.2.1.x
f5 / big-ip_local_traffic_manager	12.0.0	12.0.0.x
f5 / big-ip_local_traffic_manager	11.2.0	11.2.0.x
f5 / big-ip_local_traffic_manager	12.1.0	12.1.0.x
f5 / big-ip_local_traffic_manager	11.3.0	11.3.0.x
f5 / big-ip_local_traffic_manager	11.4.1	11.4.1.x
f5 / big-ip_local_traffic_manager	11.1.0	11.1.0.x
f5 / big-ip_local_traffic_manager	11.5.4	11.5.4.x
f5 / big-ip_local_traffic_manager	11.6.0	11.6.0.x
f5 / big-ip_local_traffic_manager	11.5.1	11.5.1.x
f5 / big-ip_local_traffic_manager	11.5.2	11.5.2.x
f5 / big-ip_local_traffic_manager	11.5.3	11.5.3.x
f5 / big-ip_local_traffic_manager	11.5.0	11.5.0.x
f5 / big-ip_local_traffic_manager	11.4.0	11.4.0.x

Vulnerability Database

289,599

CVE-2016-5745