Exposure of BIG-IP Secrets in F5 Container Ingress Service (CIS) and Red Hat OpenShift (k8s-bigip-ctlr) Log Files

CVE-2019-6648 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

On version 1.9.0, if DEBUG logging is enabled, F5 Container Ingress Service (CIS) for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) log files may contain BIG-IP secrets, such as SSL private keys and private key passphrases, that were provided as inputs by an AS3 Declaration.
