3 matches found
CVE-2023-3470
CVE-2023-3470 affects specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards, where the Crypto User password is deterministic. This enables an authenticated user with tmsh access (or someone with physical access to the FIPS HSM) to derive the correct password, potentially compromising con...
CVE-2023-3470 BIG-IP FIPS HSM password vulnerability CVE-2023-3470
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information...
F5 Networks BIG-IP : BIG-IP FIPS HSM password vulnerability (K000135449)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4 / 14.1.4 / 15.1.1 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K000135449 advisory. - Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password...