PT-2018-8293 · F5 · F5 BIG-IP Advanced Firewall Manager
Published: 2018-01-19 · Updated: 2018-02-06
CVE-2017-6142
CVSS v2.0: 5.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP Advanced Firewall Manager versions 11.6.0 through 11.6.2
F5 BIG-IP Advanced Firewall Manager versions 12.1.0 through 12.1.2
F5 BIG-IP Advanced Firewall Manager version 13.0.0
Description
X509 certificate verification is implemented incorrectly in the "user id" feature of the F5 BIG-IP Advanced Firewall Manager. As a result, the remote server's identity is not properly validated.
Recommendations
For versions 11.6.0 through 11.6.2, update the certificate verification mechanism to properly validate the remote server's identity.
For versions 12.1.0 through 12.1.2, update the certificate verification mechanism to properly validate the remote server's identity.
For version 13.0.0, update the certificate verification mechanism to properly validate the remote server's identity.
Fix
Improper Certificate Validation
Weakness Enumeration
Related Identifiers
Affected Products
F5 BIG-IP Advanced Firewall Manager