Vulnerabilites related to f5 - websafe
Vulnerability from fkie_nvd
Published
2017-11-17 19:29
Modified
2025-04-20 01:37
Severity ?
7.4 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack.
References
f5sirt@f5.comhttp://www.securityfocus.com/bid/101901Third Party Advisory, VDB Entry
f5sirt@f5.comhttp://www.securitytracker.com/id/1039839Third Party Advisory, VDB Entry
f5sirt@f5.comhttps://robotattack.org/Technical Description, Third Party Advisory
f5sirt@f5.comhttps://support.f5.com/csp/article/K21905460Issue Tracking, Mitigation, Vendor Advisory
f5sirt@f5.comhttps://www.kb.cert.org/vuls/id/144389Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/101901Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039839Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://robotattack.org/Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K21905460Issue Tracking, Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.kb.cert.org/vuls/id/144389Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
f5 big-ip_ltm *
f5 big-ip_ltm *
f5 big-ip_ltm 13.0.0
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager 13.0.0
f5 big-ip_afm *
f5 big-ip_afm *
f5 big-ip_afm 13.0.0
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics 13.0.0
f5 big-ip_apm *
f5 big-ip_apm *
f5 big-ip_apm 13.0.0
f5 big-ip_asm *
f5 big-ip_asm *
f5 big-ip_asm 13.0.0
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller 13.0.0
f5 big-ip_pem *
f5 big-ip_pem *
f5 big-ip_pem 13.0.0
f5 websafe *
f5 websafe 11.6.2
f5 websafe 13.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ltm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1BD6762-15E4-495A-BB93-66EBF5F81C24",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ltm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8E03DAF-41DD-45C6-BD69-EAD1423BEFF0",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ltm:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8201185-406F-4769-8690-9734C3DA2B48",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6932A666-B5B2-463F-922E-303E95BEF9F8",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E45CF5-C9E4-4AB9-A6D5-66F8336DDB79",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_afm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF5BC5CE-AD6C-4225-B45A-71E6D709F9AB",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_afm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEFC0AC4-E0A9-4EAE-B573-F70F5B5375DB",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_afm:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17A138CE-D1E3-4331-89F6-717539F1B59F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95131361-AFA7-43CA-9426-4F9A6644D337",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25944BCA-3EEB-4396-AC8F-EF58834BC47E",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "34D75E7F-B65F-421D-92EE-6B20756019C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_apm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB69EC13-3CDB-44C9-9328-7BE4F7E0013A",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_apm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC0762B8-793F-4619-9BA6-F98654F05B9D",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_apm:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E66DDC7E-1DFA-45C0-AA78-C44EE39352E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_asm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "465D4268-5052-4FF1-936F-813E8971A72B",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_asm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A00C9178-7218-483B-8280-5B5F39695772",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_asm:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "795163B3-60B2-4C3B-AFF9-14B19D728811",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3938A3B7-CF57-477D-9C88-478B75D720B8",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4A5CD9B-D257-4EC9-8C57-D9552C2FFFFC",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2C4414E-8016-48B5-8CC3-F97FF2D85922",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_pem:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA238C0E-74F9-4395-ACE0-0B3266ED12C4",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_pem:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2E02B0B-3539-467A-9A2D-0D0B24C60ABC",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_pem:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4700490-894F-4CCD-92A4-595043F38B7F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:websafe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28F486A3-129D-470E-94B7-7ED06E3740A6",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:websafe:11.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "186C996F-8E31-493B-BC0F-C5D831AB0BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:websafe:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2175D656-06F7-4708-9DC0-E859BABD3CC6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server\u0027s private key itself, aka a ROBOT attack."
    },
    {
      "lang": "es",
      "value": "En BIG-IP en las versiones desde la 11.6.0 hasta la 11.6.2 (solucionado en la versi\u00f3n 11.6.2 HF1), desde la 12.0.0 hasta la 12.1.2 HF1 (solucionado en la versi\u00f3n 12.1.2 HF2) o desde la 13.0.0 hasta la 13.0.0 HF2 (solucionado en la versi\u00f3n 13.0.0 HF3) un servidor virtual configurado con un perfil SSL de cliente puede ser vulnerable a un ataque adaptativo de texto cifrado escogido (tambi\u00e9n conocido como ataque Bleichenbacher) contra RSA. Cuando se explota este ataque, puede dar lugar a la recuperaci\u00f3n de texto plano de mensajes cifrados y/o a un ataque Man-in-the-middle (MiTM), a pesar de que el atacante no haya obtenido acceso a la propia clave privada del servidor. Esto tambi\u00e9n se conoce como ataque ROBOT."
    }
  ],
  "id": "CVE-2017-6168",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-11-17T19:29:00.217",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101901"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039839"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://robotattack.org/"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K21905460"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/144389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039839"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://robotattack.org/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K21905460"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/144389"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-01-08 01:15
Modified
2024-11-21 02:11
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
References
cret@cert.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/95841Third Party Advisory, VDB Entry
cret@cert.orghttps://support.f5.com/csp/article/K44942017
cret@cert.orghttps://support.f5.com/csp/article/K44942017
cret@cert.orghttps://support.f5.com/csp/article/K44942017?utm_source=f5support&amp%3Butm_medium=RSS
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/95841Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K44942017
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K44942017
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K44942017?utm_source=f5support&amp%3Butm_medium=RSS
Impacted products
Vendor Product Version
ntp ntp 4.2.7
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 15.0.0
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager 15.0.0
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 15.0.0
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager 15.0.0
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 15.0.0
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system 15.0.0
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 15.0.0
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 15.0.0
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager 15.0.0
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_wan_optimization_manager *
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator 11.2.1
f5 big-iq_adc 4.5.0
f5 big-iq_centralized_management *
f5 big-iq_centralized_management *
f5 big-iq_centralized_management 4.6.0
f5 big-iq_cloud *
f5 big-iq_cloud_and_orchestration 1.0.0
f5 big-iq_device *
f5 big-iq_security *
f5 enterprise_manager 3.1.1
f5 iworkflow *
f5 mobilesafe 1.0.0
f5 websafe 1.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p25:*:*:*:*:*:*",
              "matchCriteriaId": "FE315238-7191-4A2E-A3C6-2162BE589C78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40267CF4-9AC8-48ED-9DD4-7F947045AE9C",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "699BDE7D-B02D-41A8-BD2C-936B54107616",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D2F203-B830-42E5-AE54-17453F72A45D",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1331467F-B278-485E-AD91-7D0643C2F3DB",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEBAD7C4-AC37-463F-B63C-6EAD5542F2A0",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E695F85-F170-4FD4-819E-7DAF31662BF4",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AD67D31-7FB8-4A3F-915D-385617E21428",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E866C4E5-D739-4352-9B6D-9753B4C78A24",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "720A06E3-441B-4D51-8FC0-D569DD7FEB10",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FF1C75A-F753-40CB-9E26-DA6D31931DDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7CC5A1-6E7B-48BE-9E0A-0D1E51FCEA3D",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2620230F-1D8D-423D-953E-9EEF934C56DD",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42D16634-442B-4674-B11E-6748D28764BD",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713EB3E7-A657-4F6A-901D-618AF660CBBC",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EACA0835-51AD-4AC0-8C87-5564F3A821CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55C26031-A354-4E19-A1C3-415336B2E7C5",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9AF8FC-B730-428D-B317-86ABEF924299",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D91EC11-DD9A-434B-9EB4-14AA0E977D8D",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2833083-97E9-4B3C-8E6B-BCAC1851D148",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8C7C45A-CC14-4092-903C-3001986D2859",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFC01B17-9BC3-425F-8187-5AE7B0AAC227",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DD8FE5B-DA42-41F3-AF57-2DB6C0C70661",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "283155E5-EEAB-4E05-A0E7-B9C5077A5029",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E697E4FD-1882-4BF8-9B9F-FB7DFD19497B",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6434ED4F-0BA2-445A-B6E9-D3E301EE3930",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90D8985-EDE3-4613-9B4A-E3929D1D3721",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "394DF290-9328-4FAD-B04E-61F62B916148",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEC2164D-11D0-4DCD-B814-6AB185C3BADF",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA4AE425-1D86-4DB9-8B8F-74C6678BD528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8F3686-2C9F-4EB1-973D-FBBC6401744F",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94BB8ADB-C47F-451D-8431-BAE51137C0D8",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1456F84-12B3-462C-A007-262680AA114B",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FBFE46-BCFB-4337-8990-9E92C5C0647E",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9071FCDD-36CE-49F2-9CB1-4495BF852F5B",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72ED4B6A-EC5B-400E-88B7-6C986FC5BC4F",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68E2840B-96F4-4437-91D1-4AFE99E54D6A",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C950E6-BF12-43D4-9125-AD9D90EDD67A",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC944480-C2AD-4338-871D-02DE26B3E80A",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "534529CB-53EF-4ABB-A220-6B42DB5A69DC",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A2670B3-1A96-4E72-A316-0AF826E8EC8B",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B83479FA-82FB-4F71-9B98-E683745DB49E",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17CC587-3325-4D95-BE63-B948C63B411D",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FB6D7D8-2688-48A2-8E3E-341881EF0B4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A75EC568-E2B5-4F4E-AECC-44EA39A7EA21",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37257612-FAA4-4004-A4D3-4624F06F0615",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15F4D416-10F4-4C08-A25D-0795F7FE0FBE",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AD3B4BB-7F5C-4565-9345-2D4895630AAD",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B872A0D5-9B23-40F2-8AAB-253A4F406D18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C31E9AFD-27D1-47C4-A577-20BF6B42A1CA",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "041CE71A-50D1-44E6-B683-CD7F89C51893",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84923CD-9BC8-4241-82A3-5848333FFEB7",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A35703D-1BE0-459B-BDF0-08FB7C36A17E",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "559900D6-7E43-4D2F-9167-BDB04DD5D0DB",
              "versionEndIncluding": "5.4.0",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F37D18F2-8C6A-4557-85DC-2A751595423C",
              "versionEndIncluding": "6.1.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:iworkflow:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FD83CC2-44E9-43F2-A9EF-E6A0C9C6E261",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:mobilesafe:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA70E87-466F-4B68-BFA1-C33FCEEE9FEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:websafe:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE8D2705-DD84-4F26-94E1-4E6644556A98",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en los mensajes privados (modo 6/7) de NTP versi\u00f3n 4.2.7p25 por medio de un mensaje de control GET_RESTRICT, que podr\u00eda permitir a un usuario malicioso obtener informaci\u00f3n confidencial."
    }
  ],
  "id": "CVE-2014-5209",
  "lastModified": "2024-11-21T02:11:37.840",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-08T01:15:09.547",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
    },
    {
      "source": "cret@cert.org",
      "url": "https://support.f5.com/csp/article/K44942017"
    },
    {
      "source": "cret@cert.org",
      "url": "https://support.f5.com/csp/article/K44942017"
    },
    {
      "source": "cret@cert.org",
      "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K44942017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K44942017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2014-5209 (GCVE-0-2014-5209)
Vulnerability from cvelistv5
Published
2020-01-08 00:29
Modified
2024-08-06 11:41
Severity ?
CWE
  • information disclosure
Summary
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
References
Impacted products
Vendor Product Version
NTP NTP Version: 4.2.7p25
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:41:47.478Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K44942017"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K44942017"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NTP",
          "vendor": "NTP",
          "versions": [
            {
              "status": "affected",
              "version": "4.2.7p25"
            }
          ]
        }
      ],
      "datePublic": "2014-08-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-08T00:31:11",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K44942017"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.f5.com/csp/article/K44942017"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2014-5209",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NTP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.2.7p25"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NTP"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K44942017",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K44942017"
            },
            {
              "name": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp;utm_medium=RSS"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
            },
            {
              "name": "https://support.f5.com/csp/article/K44942017",
              "refsource": "MISC",
              "url": "https://support.f5.com/csp/article/K44942017"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2014-5209",
    "datePublished": "2020-01-08T00:29:42",
    "dateReserved": "2014-08-13T00:00:00",
    "dateUpdated": "2024-08-06T11:41:47.478Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-6168 (GCVE-0-2017-6168)
Vulnerability from cvelistv5
Published
2017-11-17 19:00
Modified
2024-08-05 15:18
Severity ?
CWE
  • n/a
Summary
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack.
References
https://robotattack.org/ x_refsource_MISC
https://support.f5.com/csp/article/K21905460 x_refsource_CONFIRM
http://www.securityfocus.com/bid/101901 vdb-entry, x_refsource_BID
https://www.kb.cert.org/vuls/id/144389 third-party-advisory, x_refsource_CERT-VN
http://www.securitytracker.com/id/1039839 vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:18:49.948Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://robotattack.org/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K21905460"
          },
          {
            "name": "101901",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101901"
          },
          {
            "name": "VU#144389",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/144389"
          },
          {
            "name": "1039839",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039839"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-11-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server\u0027s private key itself, aka a ROBOT attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-12T17:57:02",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://robotattack.org/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K21905460"
        },
        {
          "name": "101901",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101901"
        },
        {
          "name": "VU#144389",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/144389"
        },
        {
          "name": "1039839",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039839"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2017-6168",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server\u0027s private key itself, aka a ROBOT attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://robotattack.org/",
              "refsource": "MISC",
              "url": "https://robotattack.org/"
            },
            {
              "name": "https://support.f5.com/csp/article/K21905460",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K21905460"
            },
            {
              "name": "101901",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101901"
            },
            {
              "name": "VU#144389",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/144389"
            },
            {
              "name": "1039839",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039839"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2017-6168",
    "datePublished": "2017-11-17T19:00:00",
    "dateReserved": "2017-02-21T00:00:00",
    "dateUpdated": "2024-08-05T15:18:49.948Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}