CVE-2014-4024 Information
Feb 14, 2021
cve
Description
SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9 11.x before 11.2.1 HF12 11.3.0 before HF10 11.4.0 before HF8 11.4.1 before HF5 11.5.0 before HF5 and 11.5.1 before HF5 when used with third-party Secure Sockets Layer (SSL) accelerator cards might allow remote attackers to have unspecified impact via a timing side-channel attack.
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Reference
https://exchange.xforce.ibmcloud.com/vulnerabilities/95834 https://support.f5.com/csp/article/K15500
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
NONE
Base Score
NONE
Base Severity
5.9
Share on: