K74759095 : SafeNet External Network HSM script vulnerability CVE-2017-6165

2017-10-2000:00:00

my.f5.com

9.4 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.4%

JSON

Security Advisory Description

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between blades in a clustered deployment will log the HSM partition password in cleartext to the “/var/log/ltm” log file. (CVE-2017-6165)

Impact

An attacker with access to the logged password may be able to cause disruption of service or have other impacts on the HSM partition.

CPENameOperatorVersion
big-iq centralized managementeq4.6.0
big-ip afmeq11.3.0
big-ip afmeq11.4.0
big-ip afmeq11.4.1
big-ip afmeq11.5.0
big-ip afmeq11.5.1
big-ip afmeq11.5.10
big-ip afmeq11.5.2
big-ip afmeq11.5.3
big-ip afmeq11.5.4

Name	Operator	Version
big-iq centralized management	eq	4.6.0
big-ip afm	eq	11.3.0
big-ip afm	eq	11.4.0
big-ip afm	eq	11.4.1
big-ip afm	eq	11.5.0
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.10
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3
big-ip afm	eq	11.5.4

Rows per page:

1-10 of 3681