Cryptographic issues in F5 Networks Client/Desktop applications

#VU46575 Cryptographic issues in F5 Networks Client/Desktop applications

Published: 2020-09-10

Vulnerability identifier: #VU46575

Vulnerability risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-5929

CWE-ID: CWE-310

Exploitation vector: Network

Exploit availability: No

Vendor: F5 Networks

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to usage of insecue Anonymous Diffie-Hellman (ADH) or Ephemeral Diffie-Hellman (DHE) ciphers. A remote attacker can use multiple crafted SSL/TLS handshakes to the vulnerable BIG-IP virtual server, recover the shared secret of past sessions and perform plaintext recovery of encrypted messages.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

BIG-IP: 11.6.1 - 11.6.2, 13.0.0, 12.1.0 - 12.1.2 HF1

BIG-IP LTM: 11.6.1 - 13.0.0

BIG-IP AAM: 11.6.1 - 13.0.0

BIG-IP Advanced WAF: 11.6.1 - 13.0.0

BIG-IP AFM: 11.6.1 - 13.0.0

BIG-IP Analytics: 11.6.1 - 13.0.0

BIG-IP APM: 11.6.1 - 13.0.0

BIG-IP ASM: 11.6.1 - 13.0.0

BIG-IP DDHD: 11.6.1 - 13.0.0

BIG-IP DNS: 11.6.1 - 13.0.0

BIG-IP FPS: 11.6.1 - 13.0.0

BIG-IP GTM: 11.6.1 - 13.0.0

BIG-IP Link Controller: 11.6.1 - 13.0.0

BIG-IP PEM: 11.6.1 - 13.0.0

BIG-IP SSLO: 11.6.1 - 13.0.0

External links
http://support.f5.com/csp/article/K91158923

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Cryptographic issues in F5 BIG-IP products