CVE-2016-1497

medium

CVSS v3 Base Score

4.9

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.2%

Exploitation probability in 30 days

Top 54% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Confidentiality

High

Integrity

None

Availability

None

Published: August 26, 2016 (3547 days ago)

Last Modified: May 6, 2026

Vendor: F5

Source: NVD

Description

The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors.

CWE

CWE-200

Affected Products

f5 big-ip webacceleratorf5 big-ip link controllerf5 big-ip access policy managerf5 big-ip application security managerf5 big-ip domain name systemf5 big-ip global traffic managerf5 big-ip local traffic managerf5 big-ip application acceleration managerf5 big-ip protocol security modulef5 big-ip analytics

References

🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 support.f5.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com

CVE-2016-1497

Vulnerability Report

Description

CWE

Affected Products

References