F5 Networks BIG-IP : IP Intelligence Feed List vulnerability (K11464209)
Medium Nessus Plugin ID 118629
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionX509 certificate verification was not correctly implemented in the IP
Intelligence Subscription and IP Intelligence feed-list features, and
thus the remote servers identity is not properly validated in certain
versions of BIG-IP. (CVE-2017-6143)
Affected BIG-IP systems may fail to properly validate the remote
server's identity. As a result, the IP Intelligence data may
potentially be compromised.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5