F5 Local Security Checks : F5 BIG-IP - BIG-IP APM SSO vulnerability CVE-2016-3686

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.105607

Category: F5 Local Security Checks

Title: F5 BIG-IP - BIG-IP APM SSO vulnerability CVE-2016-3686

Summary: The remote host is missing a security patch.

Description: Summary:
The remote host is missing a security patch.

Vulnerability Insight:
Cleartext SessionID is visible in URL query parameters under some conditions.

Vulnerability Impact:
There is a theoretical risk that a user could obtain unauthorized access to the system, causing a security breach.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-3686
http://www.securitytracker.com/id/1035519

Copyright Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.105607
Category:	F5 Local Security Checks
Title:	F5 BIG-IP - BIG-IP APM SSO vulnerability CVE-2016-3686
Summary:	The remote host is missing a security patch.
Description:	Summary: The remote host is missing a security patch. Vulnerability Insight: Cleartext SessionID is visible in URL query parameters under some conditions. Vulnerability Impact: There is a theoretical risk that a user could obtain unauthorized access to the system, causing a security breach. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3686 http://www.securitytracker.com/id/1035519
Copyright	Copyright (C) 2016 Greenbone AG