This vulnerability impacts only the iSeries platforms. On these platforms, the secureKeyCapable attribute is not set, which causes the Secure Vault feature to not use F5 hardware support to store the unit key. Instead, the unit key is stored in plaintext on disk, as is the case for Z100 systems. Additionally, this issue causes the unit key to be stored in UCS files taken on these platforms. (CVE-2019-6609)
Impact
BIG-IP
The unit key on a BIG-IP iSeries platform is stored in plaintext. As a result, the confidentiality of the unit key and master key on the BIG-IP iSeries platform may be compromised. All other BIG-IP platforms are not affected by this vulnerability.
Enterprise Manager, BIG-IQ Centralized Management, F5 iWorkflow, Traffix SDC
There is no impact; these F5 products are not affected by this vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
big-ip afm | eq | 11.5.2 | |
big-ip afm | eq | 11.5.3 | |
big-ip afm | eq | 11.5.4 | |
big-ip afm | eq | 11.5.5 | |
big-ip afm | eq | 11.5.6 | |
big-ip afm | eq | 11.5.7 | |
big-ip afm | eq | 11.5.8 | |
big-ip afm | eq | 11.5.9 | |
big-ip afm | eq | 11.6.1 | |
big-ip afm | eq | 11.6.2 |