PT-2023-24981 · F5 · F5 Big-Ip

Published 2023-08-02 · Updated 2023-10-13 · CVE-2023-3470

CVSS v3.1: 6.1 (Medium)

Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP versions (affected versions not specified)

Description: The issue concerns F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards, which generate a deterministic password for the Crypto User account. This predictable password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, to obtain the information required to generate the correct password. On vCMP systems, all Guests share the same deterministic password, enabling those with TMSH access on one Guest to access keys of a different Guest. The affected BIG-IP hardware platforms include 10350v-F, i5820-DF, i7820-DF, i15820-DF, 5250v-F, 7200v-F, 10200v-F, 6900-F, 8900-F, 11000-F, and 11050-F.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration: Improper Authentication

Related Identifiers: CVE-2023-3470

Affected Products: F5 Big-Ip