BIG-IP SSL Certificate Validation Issue by F5 Networks
CVE-2019-6592

9.1CRITICAL

Summary

An issue exists within the F5 BIG-IP product affecting versions 14.1.0 to 14.1.0.1, where the Traffic Management Microkernel (TMM) may unexpectedly restart. This occurs during the validation of SSL certificates in both client SSL and server SSL profiles, potentially impacting the availability of services reliant on secure communications.

Affected Version(s)

BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) 14.1.0-14.1.0.1

References

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.