CVE-2014-8730

CWE-310 CWE-20 — Improper Input Validation CWE-327 — Broken Cryptographic Algorithm6 documents6 sources

Severity

4.3MEDIUM

EPSS

3.1%

top 13.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F5 Big-ip Access Policy Manager F5 Big-ip Advanced Firewall Manager F5 Big-ip Analytics +11 more

Timeline

PublishedDec 10

Latest updateMay 17

Description

The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly c…

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages14 packages

▶NVDf5/big-ip_edge_gateway11 versions+10

▶NVDf5/big-iq_cloud5 versions+4

▶NVDf5/big-iq_device4.2.0, 4.3.0, 4.4.0+2

▶NVDf5/big-iq_security5 versions+4

▶NVDf5/big-ip_analytics9 versions+8

🔴Vulnerability Details

GHSA

GHSA-fr49-w774-hwch: The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10↗2022-05-17

▶

CVEList

CVE-2014-8730: The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10↗2014-12-10

▶

📋Vendor Advisories

Cisco

SSL-TLS Implementations Cipher Block Chaining Padding Information Disclosure Vulnerability↗2014-12-11

▶

Red Hat

TLS: incorrect check of padding bytes when using CBC cipher suites↗2014-12-09

▶

💬Community

Bugzilla

CVE-2014-8730 TLS: incorrect check of padding bytes when using CBC cipher suites↗2014-12-09

▶