BIG-IP SNMP vulnerability CVE-2018-15328

2018-12-1123:00:00

support.f5.com

0.001 Low

EPSS

Percentile

46.9%

JSON

The passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are written in the clear to the various configuration files. (CVE-2018-15328)

Note: The BIG-IP system Secure Vault feature provides an additional layer of security to the BIG-IP system by encrypting passwords and passphrases, which the system stores in its configuration files. For more information, refer to K73034260: Overview of the BIG-IP system Secure Vault feature.

Impact

BIG-IP, BIG-IQ, F5 iWorkflow, and Enterprise Manager

This vulnerability may allow an attacker to use the clear text passphrases to compromise the SNMP monitoring devices.

Traffix SDC

There is no impact; this F5 product is not affected by this vulnerability.

CPENameOperatorVersion
big-ip (ltm, aam, afm, analytics, apm, asm, dns, edge gateway, fps, gtm, link controller, pem, webaccelerator)eq14.0.0
enterprise managereq3.1.1
big-iq centralized managementle7.1.0
f5 iworkflowle2.3.0

Name	Operator	Version
big-ip (ltm, aam, afm, analytics, apm, asm, dns, edge gateway, fps, gtm, link controller, pem, webaccelerator)	eq	14.0.0
enterprise manager	eq	3.1.1
big-iq centralized management	le	7.1.0
f5 iworkflow	le	2.3.0

0.001 Low

EPSS

Percentile

46.9%

JSON

Related for F5:K42027747