Lucene search
F5F5:K11155549HistoryJan 17, 2020 - 12:00 a.m.
K11155549 : IPSEC vulnerability CVE-2019-14899
2020-01-1700:00:00
my.f5.com
29
Security Advisory Description
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel. (CVE-2019-14899)
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
redhatcve
redhatcve
CVE-2019-14899
2019-12-10 21:57:22
checkpoint_security
checkpoint_security
ubuntucve
ubuntucve
CVE-2019-14899
2019-12-11 00:00:00
cvelist
cvelist
CVE-2019-14899
2019-12-11 14:45:12
cve
cve
CVE-2019-14899
2019-12-11 15:15:14
prion
prion
Design/Logic Flaw
2019-12-11 15:15:00
symantec
symantec
Multiple Linux Distributions CVE-2019-14899 Security Bypass Vulnerability
2019-12-04 00:00:00
ibm
ibm
thn
thn
New Linux Bug Lets Attackers Hijack Encrypted VPN Connections
2019-12-06 11:02:00
threatpost
threatpost
Linux Bug Opens Most VPNs to Hijacking
2019-12-06 16:54:02
nvd
nvd
CVE-2019-14899
2019-12-11 15:15:14
apple
apple
About the security content of iOS 14.0 and iPadOS 14.0 - Apple Support
2020-12-15 05:43:15
About the security content of tvOS 13.4.8 - Apple Support
2020-12-15 05:58:45
About the security content of tvOS 13.4.8
2020-07-15 00:00:00
nessus
nessus
macOS 11.0.x < 11.0.1
2020-11-19 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT211931)
2022-09-22 00:00:00