Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2017-6131

In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure instance administrative user that was created at deployment. The root and admin accounts are not vulnerable. An attacker may be able to remotely access the BIG-IP host via SSH.

  • Published: May 23, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-6131
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
f5 / big-ip_local_traffic_manager 12.1.2 12.1.2.x
f5 / big-ip_local_traffic_manager 12.0.0 12.0.0.x
f5 / big-ip_local_traffic_manager 12.1.0 12.1.0.x
f5 / big-ip_local_traffic_manager 13.0.0 13.0.0.x
f5 / big-ip_local_traffic_manager 12.1.1 12.1.1.x
f5 / big-ip_application_acceleration_manager 12.0.0 12.0.0.x
f5 / big-ip_application_acceleration_manager 12.1.0 12.1.0.x
f5 / big-ip_application_acceleration_manager 12.1.1 12.1.1.x
f5 / big-ip_application_acceleration_manager 12.1.2 12.1.2.x
f5 / big-ip_application_acceleration_manager 13.0.0 13.0.0.x
f5 / big-ip_advanced_firewall_manager 12.1.0 12.1.0.x
f5 / big-ip_advanced_firewall_manager 12.1.2 12.1.2.x
f5 / big-ip_advanced_firewall_manager 12.1.1 12.1.1.x
f5 / big-ip_advanced_firewall_manager 12.0.0 12.0.0.x
f5 / big-ip_advanced_firewall_manager 13.0.0 13.0.0.x
f5 / big-ip_access_policy_manager 12.1.2 12.1.2.x
f5 / big-ip_access_policy_manager 12.0.0 12.0.0.x
f5 / big-ip_access_policy_manager 13.0.0 13.0.0.x
f5 / big-ip_access_policy_manager 12.1.1 12.1.1.x
f5 / big-ip_access_policy_manager 12.1.0 12.1.0.x
f5 / big-ip_application_security_manager 12.1.1 12.1.1.x
f5 / big-ip_application_security_manager 13.0.0 13.0.0.x
f5 / big-ip_application_security_manager 12.1.0 12.1.0.x
f5 / big-ip_application_security_manager 12.0.0 12.0.0.x
f5 / big-ip_application_security_manager 12.1.2 12.1.2.x
f5 / big-ip_domain_name_system 12.1.2 12.1.2.x
f5 / big-ip_domain_name_system 12.1.0 12.1.0.x
f5 / big-ip_domain_name_system 12.0.0 12.0.0.x
f5 / big-ip_domain_name_system 13.0.0 13.0.0.x
f5 / big-ip_domain_name_system 12.1.1 12.1.1.x
f5 / big-ip_link_controller 13.0.0 13.0.0.x
f5 / big-ip_link_controller 12.1.1 12.1.1.x
f5 / big-ip_link_controller 12.1.0 12.1.0.x
f5 / big-ip_link_controller 12.1.2 12.1.2.x
f5 / big-ip_link_controller 12.0.0 12.0.0.x
f5 / big-ip_policy_enforcement_manager 13.0.0 13.0.0.x
f5 / big-ip_policy_enforcement_manager 12.1.1 12.1.1.x
f5 / big-ip_policy_enforcement_manager 12.1.2 12.1.2.x
f5 / big-ip_policy_enforcement_manager 12.0.0 12.0.0.x
f5 / big-ip_policy_enforcement_manager 12.1.0 12.1.0.x
f5 / big-ip_websafe 12.1.0 12.1.0.x
f5 / big-ip_websafe 12.0.0 12.0.0.x
f5 / big-ip_websafe 13.0.0 13.0.0.x
f5 / big-ip_websafe 12.1.1 12.1.1.x
f5 / big-ip_websafe 12.1.2 12.1.2.x