Show plain JSON{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F975B09-678D-49A3-9BCE-C4F3BF45B0BB", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "FB553A20-D521-4A32-AD49-8FFD5A95E684", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCA6CE41-1D13-4A7A-94D8-C0D5740870A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A3D475E-7F63-4635-A5E4-83141D483E42", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "DD3FC6D2-5816-47C0-81AE-DED62570F090", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "71B7081C-A869-402A-9C58-219B3225DB70", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "5360871B-4642-4FD5-A63E-5B70B7FD7F5F", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB183373-A897-43DF-A544-364E59358F30", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "BDE52157-F1BB-4BCA-B582-48D826BBD0E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B4FC017-1567-4D02-A594-7F46090C5828", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2442894-A473-49A5-95B6-6312C3407FE6", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "08E29063-889A-4499-AEAC-D79165EA34A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7816C2AB-A2E1-467B-A865-ED4E5AE6268A", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "78F5DCAD-BE4E-4D57-82CD-ADAB32691A9E", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C32BB88-ECE9-49C1-B75D-D47A17399C10", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "75799571-1EF3-49A1-875D-0E97986BF9D3", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B318D4F-0D42-46CD-A5A9-02337BB1D2F2", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "14612AC5-945C-4402-AFF0-5FCE11B7C785", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "E134141F-B038-4226-8DBF-794D541817E1", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "77B967D7-1E01-4608-97B5-F01C558369C8", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "55A4B49E-951A-43B2-828E-1675A58FD35C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "matchCriteriaId": "957EB01F-A7F3-4538-9611-DEA7E4D9123E", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "matchCriteriaId": "E12F783F-6496-48CB-BEBB-C5EF70041F40", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "EB6D6699-FC0C-4FAC-B229-A07318FB0FCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "44513347-AC7C-4F28-85FC-3808C8F2446D", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE2899E6-ABEF-4B61-AB8D-AF060D571196", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "BD8774B7-23A5-4719-A50E-5CF353210A2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "70C8C72D-B266-4BAD-A3E8-A9BE508D07A1", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7C6025C-7283-4568-929B-CFA11423E179", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "74DEDC05-82FC-4AD5-9DDD-D0D68DA9E26D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "A85E03DC-655F-4C78-9885-A0B5B56A2E48", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFD6E77F-7608-402D-A593-BF53790888B8", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "76F48A48-9C6E-49CD-8C89-C4F75BF2982A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "8700A87A-30F8-4497-B429-2237AC1C064B", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "BBBAD42C-06D5-437F-AB92-1DCC23C1A78B", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3E634D59-2B6D-49B8-A7BD-E2962CD2B455", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF3949EF-0D27-4868-B136-996B4D38D9B1", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3DB5F9D2-C452-4469-9626-15FA11960A9C", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5756EA61-D0E4-4AC1-882D-71EE4BB6CEB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF6A13AE-9A16-4A69-A793-21CF85220073", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "57388787-F9DF-4930-ACBC-F3D1DAA53190", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E847B072-2E86-416D-9D39-FD796770A0B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "87294E83-8020-4904-9244-326FAF3A1E92", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "0AF0D639-0210-47D0-8680-6E09F0111D5D", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "461C4C1D-B0F9-44EF-A535-BCE9FE501A94", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F241FCC-B063-46F2-B646-FB093AAFF216", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "704DF342-2CB5-4791-BF30-294D07B53653", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1C2B883-EA96-4B51-865B-B1DE1561096C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C0A2074-4C85-40B4-9D53-3E848E6D5DDD", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "30CAABDE-CA8C-4F0A-B4D1-0633557AD5E1", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BFD6E8A-0449-402C-A215-71A907BF5EA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "04E8EDA0-59E4-4B8B-9432-4DE4A366913C", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF205251-23BF-440C-AD67-85640A7CD1B0", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C5A9DDF-C18B-4628-AE26-50FBDAD4654B", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "matchCriteriaId": "D30280BF-AB2F-4C5E-906D-F12743A72A34", "versionEndExcluding": "13.1.4", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA17EC0E-4098-4251-96A5-A60C3E71F6C4", "versionEndExcluding": "14.1.4", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_websafe:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7884CFAA-7817-4ED7-8623-7568B5422726", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:f5:big-ip_10350v-f_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0EFCCD16-FC73-43FB-8183-0794D5FA3836", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:f5:big-ip_10350v-f:-:*:*:*:*:*:*:*", "matchCriteriaId": "B68502B7-DBB6-44FB-A7BF-0A2A17392BF0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:f5:big-ip_i5820-df_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E07C2B5-C9F9-4031-A993-549BCD1BA04F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:f5:big-ip_i5820-df:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B877F7C-372E-4024-8B58-42FD1767C876", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:f5:big-ip_i7820-df_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CC635C5-1CC9-4288-A55F-9B2A9E789D7E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:f5:big-ip_i7820-df:-:*:*:*:*:*:*:*", "matchCriteriaId": "FDAC7E8A-680A-4846-9C5D-703F825B466D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:f5:big-ip_i15820-df_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "616958EC-482F-45A0-85DF-164BC78F892E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:f5:big-ip_i15820-df:-:*:*:*:*:*:*:*", "matchCriteriaId": "D3E8256D-34BF-494B-A2E6-0BD2F5237807", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:f5:big-ip_5250v-f_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "78500FF0-1A11-437E-A9DB-9F4757753590", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:f5:big-ip_5250v-f:-:*:*:*:*:*:*:*", "matchCriteriaId": "619D4695-B607-401E-BFDA-CC00981B79FD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:f5:big-ip_7200v-f_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0FD80309-FF46-4BC1-BDD1-0185144C66E4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:f5:big-ip_7200v-f:-:*:*:*:*:*:*:*", "matchCriteriaId": "78AAAE3B-D9E3-42D8-ABF3-9BE94EA4BEBB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:f5:big-ip_10200v-f_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "84E924A8-ADC3-4329-9FAE-E90325EFC6CA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:f5:big-ip_10200v-f:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE6D2D69-5207-4644-88E3-AD9DBCFEE018", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:f5:big-ip_6900-f_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3F0CB727-DE1C-4246-BDEF-8AE1DF475622", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:f5:big-ip_6900-f:-:*:*:*:*:*:*:*", "matchCriteriaId": "191B3EA7-3150-484C-9EF4-1DFE3E22DFF5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:f5:big-ip_8900-f_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CBD44A57-8DA1-40B9-8CD9-9D854CA598C3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:f5:big-ip_8900-f:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9FF2A19-25DB-437E-A327-0AA5588C9E18", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:f5:big-ip_11000-f_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CEDB975-4840-4E65-98E4-1A12E3D72AF4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:f5:big-ip_11000-f:-:*:*:*:*:*:*:*", "matchCriteriaId": "0995B105-537E-42FD-9585-E8EDA0786104", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:f5:big-ip_11050-f_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1B8974C-A5AB-4BCE-82EB-83BDF3212218", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:f5:big-ip_11050-f:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD0FEC42-4387-4260-9568-91A06F6D2946", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\nSpecific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. \u00a0The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information required to generate the correct password. \u00a0On vCMP systems, all Guests share the same deterministic password, allowing those with TMSH access on one Guest to access keys of a different Guest.\n\nThe following BIG-IP hardware platforms are affected: 10350v-F, i5820-DF, i7820-DF, i15820-DF, 5250v-F, 7200v-F, 10200v-F, 6900-F, 8900-F, 11000-F, and 11050-F.\n\nThe BIG-IP rSeries r5920-DF and r10920-DF are not affected, nor does the issue affect software FIPS implementations or network HSM configurations.\n\n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\n"}, {"lang": "es", "value": "Las plataformas F5 BIG-IP espec\u00edficas con tarjetas Cavium Nitrox FIPS HSM generan una contrase\u00f1a determinista para la cuenta Crypto User. La naturaleza predecible de la contrase\u00f1a permite a un usuario autenticado con acceso TMSH al sistema BIG-IP, o a cualquiera con acceso f\u00edsico al FIPS HSM, la informaci\u00f3n necesaria para generar la contrase\u00f1a correcta. En los sistemas vCMP, todos los Guests comparten la misma contrase\u00f1a determinista, lo que permite a aquellos con acceso TMSH en un Guest acceder a las claves de otro Guest diferente. Est\u00e1n afectadas las siguientes plataformas de hardware BIG-IP: 10350v-F, i5820-DF, i7820-DF, i15820-DF, 5250v-F, 7200v-F, 10200v-F, 6900-F, 8900-F, 11000-F, and 11050-F. Los sistemas BIG-IP rSeries r5920-DF y r10920-DF no se ven afectados y el problema tampoco afecta a las implementaciones FIPS de software ni a las configuraciones HSM de red. Nota: No se eval\u00faan las versiones de software que han alcanzado el fin del soporte t\u00e9cnico (EoTS)."}], "id": "CVE-2023-3470", "lastModified": "2024-11-21T08:17:20.213", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.2, "source": "f5sirt@f5.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-02T16:15:10.837", "references": [{"source": "f5sirt@f5.com", "tags": ["Vendor Advisory"], "url": "https://my.f5.com/manage/s/article/K000135449"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://my.f5.com/manage/s/article/K000135449"}], "sourceIdentifier": "f5sirt@f5.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1391"}], "source": "f5sirt@f5.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}