Lucene search

K
cve[email protected]CVE-2017-6165
HistoryOct 20, 2017 - 3:29 p.m.

CVE-2017-6165

2017-10-2015:29:00
CWE-532
web.nvd.nist.gov
32
f5
big-ip
ltm
hsm
configuration
logging
vulnerability
cve-2017-6165
nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

77.3%

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between blades in a clustered deployment will log the HSM partition password in cleartext to the “/var/log/ltm” log file.

Affected configurations

NVD
Node
f5big-ip_access_policy_managerMatch11.5.1
OR
f5big-ip_access_policy_managerMatch11.5.2
OR
f5big-ip_access_policy_managerMatch11.5.3
OR
f5big-ip_access_policy_managerMatch11.5.4
OR
f5big-ip_access_policy_managerMatch11.6.0
OR
f5big-ip_access_policy_managerMatch11.6.1
OR
f5big-ip_access_policy_managerMatch12.0.0
OR
f5big-ip_access_policy_managerMatch12.1.0
OR
f5big-ip_access_policy_managerMatch12.1.1
OR
f5big-ip_access_policy_managerMatch12.1.2
OR
f5big-ip_advanced_firewall_managerMatch11.5.1
OR
f5big-ip_advanced_firewall_managerMatch11.5.2
OR
f5big-ip_advanced_firewall_managerMatch11.5.3
OR
f5big-ip_advanced_firewall_managerMatch11.5.4
OR
f5big-ip_advanced_firewall_managerMatch11.6.0
OR
f5big-ip_advanced_firewall_managerMatch11.6.1
OR
f5big-ip_advanced_firewall_managerMatch12.0.0
OR
f5big-ip_advanced_firewall_managerMatch12.1.0
OR
f5big-ip_advanced_firewall_managerMatch12.1.1
OR
f5big-ip_advanced_firewall_managerMatch12.1.2
OR
f5big-ip_analyticsMatch11.5.1
OR
f5big-ip_analyticsMatch11.5.2
OR
f5big-ip_analyticsMatch11.5.3
OR
f5big-ip_analyticsMatch11.5.4
OR
f5big-ip_analyticsMatch11.6.0
OR
f5big-ip_analyticsMatch11.6.1
OR
f5big-ip_analyticsMatch12.0.0
OR
f5big-ip_analyticsMatch12.1.0
OR
f5big-ip_analyticsMatch12.1.1
OR
f5big-ip_analyticsMatch12.2.0
OR
f5big-ip_application_acceleration_managerMatch11.5.1
OR
f5big-ip_application_acceleration_managerMatch11.5.2
OR
f5big-ip_application_acceleration_managerMatch11.5.3
OR
f5big-ip_application_acceleration_managerMatch11.5.4
OR
f5big-ip_application_acceleration_managerMatch11.6.0
OR
f5big-ip_application_acceleration_managerMatch11.6.1
OR
f5big-ip_application_acceleration_managerMatch12.0.0
OR
f5big-ip_application_acceleration_managerMatch12.1.0
OR
f5big-ip_application_acceleration_managerMatch12.1.1
OR
f5big-ip_application_acceleration_managerMatch12.1.2
OR
f5big-ip_application_security_managerMatch11.5.1
OR
f5big-ip_application_security_managerMatch11.5.2
OR
f5big-ip_application_security_managerMatch11.5.3
OR
f5big-ip_application_security_managerMatch11.5.4
OR
f5big-ip_application_security_managerMatch11.6.0
OR
f5big-ip_application_security_managerMatch11.6.1
OR
f5big-ip_application_security_managerMatch12.0.0
OR
f5big-ip_application_security_managerMatch12.1.0
OR
f5big-ip_application_security_managerMatch12.1.1
OR
f5big-ip_application_security_managerMatch12.1.2
OR
f5big-ip_domain_name_systemMatch11.5.1
OR
f5big-ip_domain_name_systemMatch11.5.2
OR
f5big-ip_domain_name_systemMatch11.5.3
OR
f5big-ip_domain_name_systemMatch11.5.4
OR
f5big-ip_domain_name_systemMatch11.6.0
OR
f5big-ip_domain_name_systemMatch11.6.1
OR
f5big-ip_domain_name_systemMatch12.0.0
OR
f5big-ip_domain_name_systemMatch12.1.0
OR
f5big-ip_domain_name_systemMatch12.1.1
OR
f5big-ip_domain_name_systemMatch12.1.2
OR
f5big-ip_global_traffic_managerMatch11.5.1
OR
f5big-ip_global_traffic_managerMatch11.5.2
OR
f5big-ip_global_traffic_managerMatch11.5.3
OR
f5big-ip_global_traffic_managerMatch11.5.4
OR
f5big-ip_global_traffic_managerMatch11.6.0
OR
f5big-ip_global_traffic_managerMatch11.6.1
OR
f5big-ip_global_traffic_managerMatch12.0.0
OR
f5big-ip_global_traffic_managerMatch12.1.0
OR
f5big-ip_global_traffic_managerMatch12.1.1
OR
f5big-ip_global_traffic_managerMatch12.1.2
OR
f5big-ip_link_controllerMatch11.5.1
OR
f5big-ip_link_controllerMatch11.5.2
OR
f5big-ip_link_controllerMatch11.5.3
OR
f5big-ip_link_controllerMatch11.5.4
OR
f5big-ip_link_controllerMatch11.6.0
OR
f5big-ip_link_controllerMatch11.6.1
OR
f5big-ip_link_controllerMatch12.0.0
OR
f5big-ip_link_controllerMatch12.1.0
OR
f5big-ip_link_controllerMatch12.1.1
OR
f5big-ip_link_controllerMatch12.1.2
OR
f5big-ip_local_traffic_managerMatch11.5.1
OR
f5big-ip_local_traffic_managerMatch11.5.2
OR
f5big-ip_local_traffic_managerMatch11.5.3
OR
f5big-ip_local_traffic_managerMatch11.5.4
OR
f5big-ip_local_traffic_managerMatch11.6.0
OR
f5big-ip_local_traffic_managerMatch11.6.1
OR
f5big-ip_local_traffic_managerMatch12.0.0
OR
f5big-ip_local_traffic_managerMatch12.1.0
OR
f5big-ip_local_traffic_managerMatch12.1.1
OR
f5big-ip_local_traffic_managerMatch12.1.2
OR
f5big-ip_policy_enforcement_managerMatch11.5.1
OR
f5big-ip_policy_enforcement_managerMatch11.5.2
OR
f5big-ip_policy_enforcement_managerMatch11.5.3
OR
f5big-ip_policy_enforcement_managerMatch11.5.4
OR
f5big-ip_policy_enforcement_managerMatch11.6.0
OR
f5big-ip_policy_enforcement_managerMatch11.6.1
OR
f5big-ip_policy_enforcement_managerMatch12.0.0
OR
f5big-ip_policy_enforcement_managerMatch12.1.0
OR
f5big-ip_policy_enforcement_managerMatch12.1.1
OR
f5big-ip_policy_enforcement_managerMatch12.1.2
OR
f5big-ip_websafeMatch11.5.1
OR
f5big-ip_websafeMatch11.5.2
OR
f5big-ip_websafeMatch11.5.3
OR
f5big-ip_websafeMatch11.5.4
OR
f5big-ip_websafeMatch11.6.0
OR
f5big-ip_websafeMatch11.6.1
OR
f5big-ip_websafeMatch12.0.0
OR
f5big-ip_websafeMatch12.1.0
OR
f5big-ip_websafeMatch12.1.1
OR
f5big-ip_websafeMatch12.1.2
AND
f5viprion_application_delivery_controllerMatch-

CNA Affected

[
  {
    "product": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe",
    "vendor": "F5 Networks, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "12.0.0 through 12.1.2"
      },
      {
        "status": "affected",
        "version": "11.6.0 through 11.6.1 HF1"
      },
      {
        "status": "affected",
        "version": "11.5.1 HF6 through 11.5.4 HF4"
      }
    ]
  }
]

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

77.3%

Related for CVE-2017-6165