Unrated severityNVD Advisory· Published Jul 3, 2019· Updated Aug 4, 2024
CVE-2019-6632
CVE-2019-6632
Description
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness. The attack prerequisite is direct access to encrypted configuration and/or UCS files.
Affected products
2Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/109112mitrevdb-entryx_refsource_BID
- support.f5.com/csp/article/K01413496mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.