[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99602

 
 

909

 
 

80170

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2017-6165

Date: (C)2017-10-27   (M)2017-12-07 


In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between blades in a clustered deployment will log the HSM partition password in cleartext to the "/var/log/ltm" log file.

CVSS Score: 5.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 2.9Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: NONE
 Availability: NONE





Reference:
BID-101543
SECTRACK-1039638
https://support.f5.com/csp/article/K74759095

CPE    69
cpe:/a:f5:big-ip_domain_name_system:12.0.0
cpe:/a:f5:big-ip_domain_name_system:12.1.0
cpe:/a:f5:big-ip_domain_name_system:12.1.1
cpe:/a:f5:big-ip_analytics:11.6.0
...
CWE    1
CWE-532

© 2013 SecPod Technologies