Sensitive Information Exposure in F5 BIG-IP by Unauthorized Access
CVE-2016-6249
5.3 MEDIUM
What is CVE-2016-6249?
In the F5 BIG-IP product line, REST requests that time out during user authentication may log sensitive information, including passwords, in plaintext. The data is written to the /var/log/restjavad.0.log file, so a local user who can read that file can obtain the logged passwords and gain unauthorized access to sensitive information.
Affected Version(s)
F5 BIG-IP (REST Framework Logging): BIG-IP 12.0.0; BIG-IP 11.5.0 - 11.6.1
References
CVSS v3.1
Score: 5.3
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
