The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K92451315 advisory.

    The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to     compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In     such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent     over that TLS connection. The attack can only be exploited if an implementation re-uses a DH secret across     multiple TLS connections. Note that this issue only impacts DH ciphersuites and not ECDH ciphersuites.
    This issue affects OpenSSL 1.0.2 which is out of support and no longer receiving public updates. OpenSSL     1.1.1 is not vulnerable to this issue. Fixed in OpenSSL 1.0.2w (Affected     1.0.2-1.0.2v).(CVE-2020-1968)ImpactAn attacker may be able to exploit OpenSSL Transport Layer Security     (TLS), which allows unauthorized exposure of information when Diffie-Hellman (DH) secrets are reused     across multiple TLS connections.

Tenable has extracted the preceding description block directly from the F5 Networks BIG-IP security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Detections

Analytics

F5 Networks BIG-IP : OpenSSL vulnerability (K92451315)

low Nessus Plugin ID 163235

Version 1.8