Improper X509 Certificate Verification in F5 BIG-IP

Improper X509 Certificate Verification in F5 BIG-IP

CVE-2017-6143 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

X509 certificate verification was not correctly implemented in the IP Intelligence Subscription and IP Intelligence feed-list features, and thus the remote server's identity is not properly validated in F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.2, or 11.5.0-11.5.5.

Learn more about our Cis Benchmark Audit For F5.