CVE-2017-6165 — Log File Information Exposure in F5 Big-ip Analytics

CWE-532 — Log File Information Exposure4 documents4 sources

Severity

9.8CRITICALNVD

EPSS

2.0%

top 16.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F5 Big-ip Access Policy Manager F5 Big-ip Advanced Firewall Manager F5 Big-ip Analytics +8 more

Timeline

PublishedOct 20

Latest updateMay 17

Description

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between blades in a clustered deployment will log the HSM partition password in cleartext to the "/var/log/ltm" log file.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages11 packages

▶NVDf5/big-ip_link_controller10 versions+9

▶NVDf5/big-ip_websafe10 versions+9

▶NVDf5/big-ip_analytics10 versions+9

▶NVDf5/big-ip_domain_name_system10 versions+9

▶NVDf5/big-ip_access_policy_manager10 versions+9

🔴Vulnerability Details

GHSA

GHSA-4x6p-8h5m-3xj2: In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11↗2022-05-17

▶

CVEList

CVE-2017-6165: In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11↗2017-10-20

▶

📋Vendor Advisories

CVE-2017-6165: In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11↗2017-10-20

▶