Cleartext Logging of SafeNet External Network HSM Partition Password in F5 BIG-IP LTM

Cleartext Logging of SafeNet External Network HSM Partition Password in F5 BIG-IP LTM

CVE-2017-6165 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between blades in a clustered deployment will log the HSM partition password in cleartext to the "/var/log/ltm" log file.

Learn more about our Cis Benchmark Audit For F5.