Main Vulnerability Database SB2018012201

SB2018012201 - Man-in-the-middle in F5 BIG-IP AFM

Published: January 22, 2018

Security Bulletin ID SB2018012201

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Man-in-the-middle attack (CVE-ID: CVE-2017-6142)

CWE-ID: CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote attacker to conduct man-in-the-middle attack.

The weakness exists due to the early access 'user id' feature does not properly validate the remote server's X.509 certificatel. A remote attacker can use man-in-the-middle technique and access and modify IP Intelligence (IPI) policy enforcement data communicated between the remote server and the target Advanced Firewall Manager.

Remediation

Install update from vendor's website.

References

http://support.f5.com/csp/article/K20682450