On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle (MITM) attack, despite the attacker not having gained access to the server's private key itself. (CVE-2019-6593 also known as Zombie POODLE and GOLDENDOODLE.)
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
f5 big-ip access policy manager 12.1.0 |
||
f5 big-ip access policy manager 11.6.1 |
||
f5 big-ip access policy manager |
||
f5 big-ip local traffic manager 11.6.1 |
||
f5 big-ip local traffic manager 12.1.0 |
||
f5 big-ip local traffic manager |
||
f5 big-ip advanced firewall manager 11.6.1 |
||
f5 big-ip advanced firewall manager |
||
f5 big-ip advanced firewall manager 12.1.0 |
||
f5 big-ip analytics 11.6.1 |
||
f5 big-ip analytics 12.1.0 |
||
f5 big-ip analytics |
||
f5 big-ip application security manager 11.6.1 |
||
f5 big-ip application security manager 12.1.0 |
||
f5 big-ip application security manager |
||
f5 big-ip domain name system 11.6.1 |
||
f5 big-ip domain name system |
||
f5 big-ip domain name system 12.1.0 |
||
f5 big-ip edge gateway 12.1.0 |
||
f5 big-ip edge gateway 11.6.1 |
||
f5 big-ip edge gateway |
||
f5 big-ip fraud protection service 12.1.0 |
||
f5 big-ip fraud protection service 11.6.1 |
||
f5 big-ip fraud protection service |
||
f5 big-ip global traffic manager 12.1.0 |
||
f5 big-ip global traffic manager |
||
f5 big-ip global traffic manager 11.6.1 |
||
f5 big-ip link controller 11.6.1 |
||
f5 big-ip link controller |
||
f5 big-ip link controller 12.1.0 |
||
f5 big-ip policy enforcement manager 12.1.0 |
||
f5 big-ip policy enforcement manager 11.6.1 |
||
f5 big-ip policy enforcement manager |
||
f5 big-ip webaccelerator 11.6.1 |
||
f5 big-ip webaccelerator 12.1.0 |
||
f5 big-ip webaccelerator |
Vulmon