K18535734 : BIG-IP Secure Vault vulnerability CVE-2019-6609

2019-04-1000:00:00

my.f5.com

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.7%

JSON

Security Advisory Description

This vulnerability impacts only the iSeries platforms. On these platforms, the secureKeyCapable attribute is not set, which causes the Secure Vault feature to not use F5 hardware support to store the unit key. Instead, the unit key is stored in plaintext on disk, as is the case for Z100 systems. Additionally, this issue causes the unit key to be stored in UCS files taken on these platforms. (CVE-2019-6609)

Impact

BIG-IP

The unit key on a BIG-IP iSeries platform is stored in plaintext. As a result, the confidentiality of the unit key and master key on the BIG-IP iSeries platform may be compromised. All other BIG-IP platforms are not affected by this vulnerability.

Enterprise Manager, BIG-IQ Centralized Management, F5 iWorkflow, Traffix SDC

There is no impact; these F5 products are not affected by this vulnerability.

CPENameOperatorVersion
big-ip afmeq11.5.2
big-ip afmeq11.5.3
big-ip afmeq11.5.4
big-ip afmeq11.5.5
big-ip afmeq11.5.6
big-ip afmeq11.5.7
big-ip afmeq11.5.8
big-ip afmeq11.5.9
big-ip afmeq11.6.1
big-ip afmeq11.6.2

Name	Operator	Version
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3
big-ip afm	eq	11.5.4
big-ip afm	eq	11.5.5
big-ip afm	eq	11.5.6
big-ip afm	eq	11.5.7
big-ip afm	eq	11.5.8
big-ip afm	eq	11.5.9
big-ip afm	eq	11.6.1
big-ip afm	eq	11.6.2

Rows per page:

1-10 of 2361