Code injection

2019-07-0318:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.8%

JSON

On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, there is no impact to the control plane.

CPENameOperatorVersion
big-ip_access_policy_managerge14.1.0.1
big-ip_access_policy_managerle14.1.0.5
big-ip_advanced_firewall_managerge14.1.0.1
big-ip_advanced_firewall_managerle14.1.0.5
big-ip_analyticsge14.1.0.1
big-ip_analyticsle14.1.0.5
big-ip_application_acceleration_managerge14.1.0.1
big-ip_application_acceleration_managerle14.1.0.5
big-ip_application_security_managerge14.1.0.1
big-ip_application_security_managerle14.1.0.5

Name	Operator	Version
big-ip_access_policy_manager	ge	14.1.0.1
big-ip_access_policy_manager	le	14.1.0.5
big-ip_advanced_firewall_manager	ge	14.1.0.1
big-ip_advanced_firewall_manager	le	14.1.0.5
big-ip_analytics	ge	14.1.0.1
big-ip_analytics	le	14.1.0.5
big-ip_application_acceleration_manager	ge	14.1.0.1
big-ip_application_acceleration_manager	le	14.1.0.5
big-ip_application_security_manager	ge	14.1.0.1
big-ip_application_security_manager	le	14.1.0.5