ID
VAR-E-200507-0345
TITLE
F5 BIG-IP Unspecified SSL Authentication Bypass Vulnerability
Trust: 0.3
DESCRIPTION
F5 BIG-IP is susceptible to an unspecified SSL authentication bypass vulnerability.
It is conjectured that if the BIG-IP is configured to authenticate by utilizing certificate-based authentication, attackers may be able to bypass the requested authentication checks. This allows remote attackers to gain access to protected Web sites. Depending on the nature of the protected Web sites, various further attacks may also be possible.
Further details are not currently available. This BID will be updated as more information is disclosed.
Versions of BIP-IP from 9.0.2 through to 9.1 are affected.
Trust: 0.3
AFFECTED PRODUCTS
vendor: | f5 | model: | big-ip | scope: | eq | version: | 9.1 | Trust: 0.3 |
vendor: | f5 | model: | big-ip | scope: | eq | version: | 9.0.5 | Trust: 0.3 |
vendor: | f5 | model: | big-ip | scope: | eq | version: | 9.0.4 | Trust: 0.3 |
vendor: | f5 | model: | big-ip | scope: | eq | version: | 9.0.3 | Trust: 0.3 |
vendor: | f5 | model: | big-ip | scope: | eq | version: | 9.0.2 | Trust: 0.3 |
EXPLOIT
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Unknown
Trust: 0.3
CREDITS
The vendor disclosed this vulnerability.
Trust: 0.3
EXTERNAL IDS
db: | BID | id: | 14215 | Trust: 0.3 |
REFERENCES
url: | http://tech.f5.com/home/bigip-next/solutions/security/sol4944.html | Trust: 0.3 |
url: | http://www.f5.com/f5products/bigip/ | Trust: 0.3 |
SOURCES
db: | BID | id: | 14215 |
LAST UPDATE DATE
2022-07-27T09:26:23.782000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 14215 | date: | 2005-07-12T00:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 14215 | date: | 2005-07-12T00:00:00 |