Timing Side-Channel Vulnerability in F5 BIG-IP Systems
CVE-2014-4024

5.9MEDIUM

Key Information:

Vendor
F5
Vendor
CVE Published:
19 March 2018

Summary

The F5 BIG-IP systems are vulnerable to a timing side-channel attack that could be exploited by remote attackers when the systems are used in conjunction with third-party SSL accelerator cards. This vulnerability occurs in SSL virtual servers and can lead to unspecified impacts, potentially allowing attackers to gain sensitive information or manipulate processes without detection.

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.