2019-04-15 17:29:00 2019-04-16 17:28:54

Platform dependent weakness. This issue only impacts iSeries platforms. On these platforms, in BIG-IP APM versions 14.0.0-14.1.0.1, 13.0.0-13.1.1.3, and 12.1.1 HF2-12.1.4, the secureKeyCapable attribute was not set which causes secure vault to not use the F5 hardware support to store the unit key. Instead the unit key is stored in plaintext on disk as would be the case for Z100 systems. Additionally this causes the unit key to be stored in UCS files taken on these platforms.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE
F5 Big-ip access policy manager 12.1.1 Hf2 (not an official CPE) F5 Big-ip access policy manager 12.1.2 (not an official CPE) F5 Big-ip access policy manager 12.1.3 (not an official CPE) F5 Big-ip access policy manager 12.1.3.1 (not an official CPE) F5 Big-ip access policy manager 12.1.3.2 (not an official CPE) F5 Big-ip access policy manager 12.1.3.3 (not an official CPE) F5 Big-ip access policy manager 12.1.3.4 (not an official CPE) F5 Big-ip access policy manager 12.1.3.5 (not an official CPE) F5 Big-ip access policy manager 12.1.3.6 (not an official CPE) F5 Big-ip access policy manager 12.1.3.7 (not an official CPE) F5 Big-ip access policy manager 12.1.4 (not an official CPE) F5 Big-ip access policy manager 13.0.0 (not an official CPE) F5 Big-ip access policy manager 13.0.1 (not an official CPE) F5 Big-ip access policy manager 13.1.0 (not an official CPE) F5 Big-ip access policy manager 13.1.0.1 (not an official CPE) F5 Big-ip access policy manager 13.1.0.2 (not an official CPE) F5 Big-ip access policy manager 13.1.0.3 (not an official CPE) F5 Big-ip access policy manager 13.1.0.4 (not an official CPE) F5 Big-ip access policy manager 13.1.0.5 (not an official CPE) F5 Big-ip access policy manager 13.1.0.6 (not an official CPE) F5 Big-ip access policy manager 13.1.0.7 (not an official CPE) F5 Big-ip access policy manager 13.1.0.8 (not an official CPE) F5 Big-ip access policy manager 13.1.1 (not an official CPE) F5 Big-ip access policy manager 13.1.1.3 (not an official CPE) F5 Big-ip access policy manager 14.0.0 (not an official CPE) F5 Big-ip access policy manager 14.0.0.4 (not an official CPE) F5 Big-ip access policy manager 14.1.0 (not an official CPE) F5 Big-ip access policy manager 14.1.0.1 (not an official CPE) F5 Big-ip advanced firewall manager 12.1.1 Hf2 (not an official CPE) F5 Big-ip advanced firewall manager 12.1.2 (not an official CPE) F5 Big-ip advanced firewall manager 12.1.3 (not an official CPE) F5 Big-ip advanced firewall manager 12.1.3.6 (not an official CPE) F5 Big-ip advanced firewall manager 12.1.4 (not an official CPE) F5 Big-ip advanced firewall manager 13.0.0 (not an official CPE) F5 Big-ip advanced firewall manager 13.0.1 (not an official CPE) F5 Big-ip advanced firewall manager 13.1.0 (not an official CPE) F5 Big-ip advanced firewall manager 13.1.1 (not an official CPE) F5 Big-ip advanced firewall manager 13.1.1.1 (not an official CPE) F5 Big-ip advanced firewall manager 13.1.1.3 (not an official CPE) F5 Big-ip advanced firewall manager 14.0.0 (not an official CPE) F5 Big-ip advanced firewall manager 14.0.0.4 (not an official CPE) F5 Big-ip advanced firewall manager 14.1.0 (not an official CPE) F5 Big-ip advanced firewall manager 14.1.0.1 (not an official CPE) F5 Big-ip analytics 12.1.1 Hf2 (not an official CPE) F5 Big-ip analytics 12.1.2 (not an official CPE) F5 Big-ip analytics 12.1.3 (not an official CPE) F5 Big-ip analytics 12.1.4 (not an official CPE) F5 Big-ip analytics 13.0.0 (not an official CPE) F5 Big-ip analytics 13.0.1 (not an official CPE) F5 Big-ip analytics 13.1.0 (not an official CPE) F5 Big-ip analytics 13.1.1 (not an official CPE) F5 Big-ip analytics 13.1.1.3 (not an official CPE) F5 Big-ip analytics 14.0.0 (not an official CPE) F5 Big-ip analytics 14.0.0.4 (not an official CPE) F5 Big-ip analytics 14.1.0 (not an official CPE) F5 Big-ip analytics 14.1.0.1 (not an official CPE) F5 Big-ip application acceleration manager 12.1.1 Hf2 (not an official CPE) F5 Big-ip application acceleration manager 12.1.2 (not an official CPE) F5 Big-ip application acceleration manager 12.1.3 (not an official CPE) F5 Big-ip application acceleration manager 12.1.4 (not an official CPE) F5 Big-ip application acceleration manager 13.0.0 (not an official CPE) F5 Big-ip application acceleration manager 13.0.1 (not an official CPE) F5 Big-ip application acceleration manager 13.1.0 (not an official CPE) F5 Big-ip application acceleration manager 13.1.1 (not an official CPE) F5 Big-ip application acceleration manager 13.1.1.3 (not an official CPE) F5 Big-ip application acceleration manager 14.0.0 (not an official CPE) F5 Big-ip application acceleration manager 14.0.0.4 (not an official CPE) F5 Big-ip application acceleration manager 14.1.0 (not an official CPE) F5 Big-ip application acceleration manager 14.1.0.1 (not an official CPE) F5 Big-ip application security manager 12.1.1 Hf2 (not an official CPE) F5 Big-ip application security manager 12.1.2 (not an official CPE) F5 Big-ip application security manager 12.1.3 (not an official CPE) F5 Big-ip application security manager 12.1.4 (not an official CPE) F5 Big-ip application security manager 13.0.0 (not an official CPE) F5 Big-ip application security manager 13.0.1 (not an official CPE) F5 Big-ip application security manager 13.1.0 (not an official CPE) F5 Big-ip application security manager 13.1.1 (not an official CPE) F5 Big-ip application security manager 13.1.1.3 (not an official CPE) F5 Big-ip application security manager 14.0.0 (not an official CPE) F5 Big-ip application security manager 14.0.0.4 (not an official CPE) F5 Big-ip application security manager 14.1.0 (not an official CPE) F5 Big-ip application security manager 14.1.0.1 (not an official CPE) F5 Big-ip domain name system 12.1.1 Hf2 (not an official CPE) F5 Big-ip domain name system 12.1.2 (not an official CPE) F5 Big-ip domain name system 12.1.3 (not an official CPE) F5 Big-ip domain name system 12.1.4 (not an official CPE) F5 Big-ip domain name system 13.0.0 (not an official CPE) F5 Big-ip domain name system 13.0.1 (not an official CPE) F5 Big-ip domain name system 13.1.0 (not an official CPE) F5 Big-ip domain name system 13.1.1 (not an official CPE) F5 Big-ip domain name system 13.1.1.3 (not an official CPE) F5 Big-ip domain name system 14.0.0 (not an official CPE) F5 Big-ip domain name system 14.0.0.4 (not an official CPE) F5 Big-ip domain name system 14.1.0 (not an official CPE) F5 Big-ip domain name system 14.1.0.1 (not an official CPE) F5 Big-ip edge gateway 12.1.1 Hf2 (not an official CPE) F5 Big-ip edge gateway 12.1.2 (not an official CPE) F5 Big-ip edge gateway 12.1.3 (not an official CPE) F5 Big-ip edge gateway 12.1.4 (not an official CPE) F5 Big-ip edge gateway 13.0.0 (not an official CPE) F5 Big-ip edge gateway 13.0.1 (not an official CPE) F5 Big-ip edge gateway 13.1.0 (not an official CPE) F5 Big-ip edge gateway 13.1.1 (not an official CPE) F5 Big-ip edge gateway 13.1.1.3 (not an official CPE) F5 Big-ip edge gateway 14.0.0 (not an official CPE) F5 Big-ip edge gateway 14.0.0.4 (not an official CPE) F5 Big-ip edge gateway 14.1.0 (not an official CPE) F5 Big-ip edge gateway 14.1.0.1 (not an official CPE) F5 Big-ip fraud protection service 12.1.1 Hf2 (not an official CPE) F5 Big-ip fraud protection service 12.1.2 (not an official CPE) F5 Big-ip fraud protection service 12.1.3 (not an official CPE) F5 Big-ip fraud protection service 13.0.0 (not an official CPE) F5 Big-ip fraud protection service 13.0.1 (not an official CPE) F5 Big-ip fraud protection service 13.1.0 (not an official CPE) F5 Big-ip fraud protection service 13.1.1 (not an official CPE) F5 Big-ip fraud protection service 13.1.1.3 (not an official CPE) F5 Big-ip fraud protection service 14.0.0 (not an official CPE) F5 Big-ip fraud protection service 14.0.0.4 (not an official CPE) F5 Big-ip fraud protection service 14.1.0 (not an official CPE) F5 Big-ip fraud protection service 14.1.0.1 (not an official CPE) F5 Big-ip global traffic manager 12.1.1 Hf2 (not an official CPE) F5 Big-ip global traffic manager 12.1.2 (not an official CPE) F5 Big-ip global traffic manager 12.1.3 (not an official CPE) F5 Big-ip global traffic manager 12.1.4 (not an official CPE) F5 Big-ip global traffic manager 13.0.0 (not an official CPE) F5 Big-ip global traffic manager 13.0.1 (not an official CPE) F5 Big-ip global traffic manager 13.1.0 (not an official CPE) F5 Big-ip global traffic manager 13.1.1 (not an official CPE) F5 Big-ip global traffic manager 14.0.0 (not an official CPE) F5 Big-ip global traffic manager 14.1.0 (not an official CPE) F5 Big-ip link controller 12.1.1 Hf2 (not an official CPE) F5 Big-ip link controller 12.1.2 (not an official CPE) F5 Big-ip link controller 12.1.3 (not an official CPE) F5 Big-ip link controller 12.1.4 (not an official CPE) F5 Big-ip link controller 13.0.0 (not an official CPE) F5 Big-ip link controller 13.0.1 (not an official CPE) F5 Big-ip link controller 13.1.0 (not an official CPE) F5 Big-ip link controller 13.1.1 (not an official CPE) F5 Big-ip link controller 13.1.1.3 (not an official CPE) F5 Big-ip link controller 14.0.0 (not an official CPE) F5 Big-ip link controller 14.0.0.4 (not an official CPE) F5 Big-ip link controller 14.1.0 (not an official CPE) F5 Big-ip link controller 14.1.0.1 (not an official CPE) F5 Big-ip local traffic manager 12.1.1 Hf2 (not an official CPE) F5 Big-ip local traffic manager 12.1.2 (not an official CPE) F5 Big-ip local traffic manager 12.1.3 (not an official CPE) F5 Big-ip local traffic manager 12.1.4 (not an official CPE) F5 Big-ip local traffic manager 13.0.0 (not an official CPE) F5 Big-ip local traffic manager 13.0.1 (not an official CPE) F5 Big-ip local traffic manager 13.1.0 (not an official CPE) F5 Big-ip local traffic manager 13.1.1 (not an official CPE) F5 Big-ip local traffic manager 13.1.1.3 (not an official CPE) F5 Big-ip local traffic manager 14.0.0 (not an official CPE) F5 Big-ip local traffic manager 14.0.0.4 (not an official CPE) F5 Big-ip local traffic manager 14.1.0 (not an official CPE) F5 Big-ip local traffic manager 14.1.0.1 (not an official CPE) F5 Big-ip policy enforcement manager 12.1.1 Hf2 (not an official CPE) F5 Big-ip policy enforcement manager 12.1.2 (not an official CPE) F5 Big-ip policy enforcement manager 12.1.3 (not an official CPE) F5 Big-ip policy enforcement manager 12.1.4 (not an official CPE) F5 Big-ip policy enforcement manager 13.0.0 (not an official CPE) F5 Big-ip policy enforcement manager 13.0.1 (not an official CPE) F5 Big-ip policy enforcement manager 13.1.0 (not an official CPE) F5 Big-ip policy enforcement manager 13.1.1 (not an official CPE) F5 Big-ip policy enforcement manager 13.1.1.3 (not an official CPE) F5 Big-ip policy enforcement manager 14.0.0 (not an official CPE) F5 Big-ip policy enforcement manager 14.0.0.4 (not an official CPE) F5 Big-ip policy enforcement manager 14.1.0 (not an official CPE) F5 Big-ip policy enforcement manager 14.1.0.1 (not an official CPE) F5 Big-ip webaccelerator 12.1.2 (not an official CPE) F5 Big-ip webaccelerator 12.1.3 (not an official CPE) F5 Big-ip webaccelerator 12.1.4 (not an official CPE) F5 Big-ip webaccelerator 13.0.0 (not an official CPE) F5 Big-ip webaccelerator 13.0.1 (not an official CPE) F5 Big-ip webaccelerator 13.1.0 (not an official CPE) F5 Big-ip webaccelerator 13.1.1 (not an official CPE) F5 Big-ip webaccelerator 13.1.1.3 (not an official CPE) F5 Big-ip webaccelerator 14.0.0 (not an official CPE) F5 Big-ip webaccelerator 14.1.0 (not an official CPE) F5 Big-ip webaccelerator12.1.1 Hf2 (not an official CPE)
Advisory Patch Confirmed Link
https://support.f5.com/csp/article/K18535734