Vulnerabilities

CVE-2019-6632

by Fred · 03/07/2019

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness. The attack prerequisite is direct access to encrypted configuration and/or UCS files.

Date published : 2019-07-03

http://www.securityfocus.com/bid/109112

https://support.f5.com/csp/article/K01413496

Similar

Tags: Cybersecurity Alert