On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service (CIS) for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) log files may contain BIG-IP secrets such as SSL Private Keys and Private key Passphrases as provided as inputs by an AS3 Declaration.
References
Configurations
History
07 Nov 2023, 03:13
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
03 Feb 2023, 18:40
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://support.f5.com/csp/article/K74327432?utm_source=f5support&utm_medium=RSS - Vendor Advisory |
Information
Published : 2019-09-04 16:15
Updated : 2023-12-10 12:59
NVD link : CVE-2019-6648
Mitre link : CVE-2019-6648
CVE.ORG link : CVE-2019-6648
JSON object : View
Products Affected
redhat
- openshift
f5
- container_ingress_service
CWE
CWE-532
Insertion of Sensitive Information into Log File