K59957337 : ASM Cloud Security Services authentication vulnerability CVE-2019-6687

2019-12-2000:00:00

my.f5.com

0.001 Low

EPSS

Percentile

45.2%

JSON

Security Advisory Description

The BIG-IP ASM Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints. (CVE-2019-6687)

Impact

This vulnerability may allow man-in-the-middle attackers to intercept traffic destined for cloud services, and read and modify data that is in transit.

CPENameOperatorVersion
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-iq centralized managementeq6.0.0
big-iq centralized managementeq6.0.1
big-iq centralized managementeq6.1.0
big-iq centralized managementeq7.0.0
big-ip afmeq11.5.10
big-ip afmeq11.5.2
big-ip afmeq11.5.3

Name	Operator	Version
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-iq centralized management	eq	6.0.0
big-iq centralized management	eq	6.0.1
big-iq centralized management	eq	6.1.0
big-iq centralized management	eq	7.0.0
big-ip afm	eq	11.5.10
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3

Rows per page:

1-10 of 2911

0.001 Low

EPSS

Percentile

45.2%

JSON

Related for F5:K59957337