Man-in-the-middle attack in BIG-IP AFM - CVE-2017-6142
Published: January 22, 2018
Vulnerability identifier: #VU10146
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-6142
CWE-ID: CWE-300
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: F5 Networks
Affected software:
BIG-IP AFM
BIG-IP AFM
Detailed vulnerability description
The vulnerability allows a remote attacker to conduct man-in-the-middle attack.
The weakness exists due to the early access 'user id' feature does not properly validate the remote server's X.509 certificatel. A remote attacker can use man-in-the-middle technique and access and modify IP Intelligence (IPI) policy enforcement data communicated between the remote server and the target Advanced Firewall Manager.
The weakness exists due to the early access 'user id' feature does not properly validate the remote server's X.509 certificatel. A remote attacker can use man-in-the-middle technique and access and modify IP Intelligence (IPI) policy enforcement data communicated between the remote server and the target Advanced Firewall Manager.
How to mitigate CVE-2017-6142
Install update from vendor's website.