F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server. (CVE-2018-5542)
Impact
This vulnerability may allow unauthorized disclosure and modification of monitor traffic by an attacker with a privileged network position (MITM).
Note: This vulnerability affects HTTPS monitors that are configured on Traffic Management Microkernel (TMM) interfaces and monitors that are configured on the management interface (MGMT).