← Back to CVE List

CVE-2019-6632

Published: 2019-07-03T19:15Z
Last Modified: 2024-11-21T04:46Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness. The attack prerequisite is direct access to encrypted configuration and/or UCS files. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt