BIG-IP SSL Certificate Validation Issue by F5 Networks
CVE-2019-6592
9.1CRITICAL
Key Information:
- Vendor
- F5
- Vendor
- CVE Published:
- 26 February 2019
Summary
An issue exists within the F5 BIG-IP product affecting versions 14.1.0 to 14.1.0.1, where the Traffic Management Microkernel (TMM) may unexpectedly restart. This occurs during the validation of SSL certificates in both client SSL and server SSL profiles, potentially impacting the availability of services reliant on secure communications.
Affected Version(s)
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) 14.1.0-14.1.0.1
References
CVSS V3.1
Score:
9.1
Severity:
CRITICAL
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved