Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service (CIS) for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) log files may contain BIG-IP secrets such as SSL Private Keys and Private key Passphrases as provided as inputs by an AS3 Declaration.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
F5 Container Ingress Services 日志信息泄露漏洞
Vulnerability Description
F5 Container Ingress Services是美国F5公司的一款为容器部署提供应用程序服务的产品。该产品主要提供Ingress控制HTTP路由、负载平衡和应用程序交付等功能。 F5 Container Ingress Services(用于Kubernetes和Red Hat OpenShift)k8s-bigip-ctlr:1.9.0版本中存在安全漏洞,该漏洞源于CIS服务的日志文件包含有敏感信息(SSL私钥和私钥密码短语)。攻击者可利用该漏洞检索这些信息。
CVSS Information
N/A
Vulnerability Type
N/A