4.3
CVSSv2

CVE-2014-8730

Published: 10/12/2014 Updated: 03/01/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle malicious users to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself.

Vulnerability Trend

Affected Products

Vendor Product Versions
F5Big-ip Access Policy Manager10.1.0, 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.5.0, 11.5.1
F5Big-ip Advanced Firewall Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1
F5Big-ip Analytics11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1
F5Big-ip Application Acceleration Manager11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.6.0
F5Big-ip Application Security Manager10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.1
F5Big-ip Edge Gateway10.1.0, 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.3.0
F5Big-ip Local Traffic Manager10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.1
F5Big-ip Policy Enforcement Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.6.0
F5Big-ip Protocol Security Module10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1
F5Big-ip Wan Optimization Manager10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.3.0
F5Big-ip Webaccelerator10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.3.0
F5Big-iq Cloud4.0.0, 4.1.0, 4.2.0, 4.3.0, 4.4.0
F5Big-iq Device4.2.0, 4.3.0, 4.4.0
F5Big-iq Security4.0.0, 4.1.0, 4.2.0, 4.3.0, 4.4.0

Vendor Advisories

Some implementations of the TLS v1, 11, and 12 protocol have a padding-oracle cryptography flaw A man-in-the-middle attacker can use this flaw to obtain plain text from the intercepted TLS session ...
A vulnerability in certain implementations of the TLSv1 protocol could allow an unauthenticated, remote attacker to access sensitive information The vulnerability is due to improper block cipher padding implemented in TLSv1 when using Cipher Block Chaining (CBC) mode An attacker could exploit the vulnerability to perform an "oracle padding" side ...

Recent Articles

Zombie POODLE wanders in, cocks leg on TLS
The Register • Richard Chirgwin • 09 Dec 2014

How much is that doggy gonna hack you?

Google might have taken POODLE to a distant country road, let it out and driven away fast, but according to Qualys, the vulnerability has returned, repurposed, as an attack on Transaction Layer Security (TLS).
Designated CVE-2014-8730, the new attack vector exploits the same class of problem as POODLE: an error in the handling of padding. Qualys reckons the new attack, which works on TLS 1.2, is possible because while TLS has much stricter padding requirements than SSL 3 (which was the tar...