Vulnerability Data

by Reconmap

CVE-2016-9244

A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well.

Published at
2017-02-09T15:59Z
2656 days ago
Modified
2019-06-06T15:11Z
1809 days ago
CWE-200
Problem type

Impact

CVSS v3 vector string
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Severity Score Vector

7.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References


URLType
support.f5.com
https://support.f5.com/csp/article/K05121675		CONFIRM
1037800
http://www.securitytracker.com/id/1037800		SECTRACK
41298
https://www.exploit-db.com/exploits/41298/		EXPLOIT-DB
filippo.io
https://filippo.io/Ticketbleed/		MISC
blog.filippo.io
https://blog.filippo.io/finding-ticketbleed/		MISC
packetstormsecurity.com
http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html		MISC
github.com
https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py		MISC
96143
http://www.securityfocus.com/bid/96143		BID

GET https://vulnerabilitydata.com/api/details/CVE-2016-9244

{
	"id": "CVE-2016-9244",
	"published_date": "2017-02-09T15:59Z",
	"last_modified_date": "2019-06-06T15:11Z",
	"assigner": "f5sirt@f5.com",
	"description": "A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well.",
	"references": [
		{
			"url": "https://support.f5.com/csp/article/K05121675",
			"name": "https://support.f5.com/csp/article/K05121675",
			"refsource": "CONFIRM",
			"tags": [
				"Mitigation",
				"Vendor Advisory"
			]
		},
		{
			"url": "http://www.securitytracker.com/id/1037800",
			"name": "1037800",
			"refsource": "SECTRACK",
			"tags": [
				"Third Party Advisory",
				"VDB Entry"
			]
		},
		{
			"url": "https://www.exploit-db.com/exploits/41298/",
			"name": "41298",
			"refsource": "EXPLOIT-DB",
			"tags": []
		},
		{
			"url": "https://filippo.io/Ticketbleed/",
			"name": "https://filippo.io/Ticketbleed/",
			"refsource": "MISC",
			"tags": []
		},
		{
			"url": "https://blog.filippo.io/finding-ticketbleed/",
			"name": "https://blog.filippo.io/finding-ticketbleed/",
			"refsource": "MISC",
			"tags": []
		},
		{
			"url": "http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html",
			"name": "http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html",
			"refsource": "MISC",
			"tags": []
		},
		{
			"url": "https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py",
			"name": "https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py",
			"refsource": "MISC",
			"tags": []
		},
		{
			"url": "http://www.securityfocus.com/bid/96143",
			"name": "96143",
			"refsource": "BID",
			"tags": []
		}
	],
	"impact": {
		"baseMetricV3": {
			"cvssV3": {
				"version": "3.0",
				"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
				"attackVector": "NETWORK",
				"attackComplexity": "LOW",
				"privilegesRequired": "NONE",
				"userInteraction": "NONE",
				"scope": "UNCHANGED",
				"confidentialityImpact": "HIGH",
				"integrityImpact": "NONE",
				"availabilityImpact": "NONE",
				"baseScore": 7.5,
				"baseSeverity": "HIGH"
			},
			"exploitabilityScore": 3.9,
			"impactScore": 3.6
		},
		"baseMetricV2": {
			"cvssV2": {
				"version": "2.0",
				"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
				"accessVector": "NETWORK",
				"accessComplexity": "LOW",
				"authentication": "NONE",
				"confidentialityImpact": "PARTIAL",
				"integrityImpact": "NONE",
				"availabilityImpact": "NONE",
				"baseScore": 5
			},
			"severity": "MEDIUM",
			"exploitabilityScore": 10,
			"impactScore": 2.9,
			"obtainAllPrivilege": false,
			"obtainUserPrivilege": false,
			"obtainOtherPrivilege": false,
			"userInteractionRequired": false
		}
	},
	"problem_type": "CWE-200"
}