QID 375673

Date Published: 2021-08-04

QID 375673: F5 BIG-IP ASM, LTM, APM BIG-IP Nettle Cryptography Library Vulnerability (K33101555)

F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.
F5 BIG-IP Local Traffic Manager (LTM) is the most popular module offered on the F5 Networks BIG-IP platform. The real power of the LTM is that it is a full proxy, allowing you to augment client-side and server-side connections while making informed load-balancing decisions based on availability, performance, and persistence.
F5 BIG-IP Access Policy Manager (APM) is a secure, flexible, high-performance solution that provides unified global access to your network, cloud, and applications.

A flaw was found in Nettle in versions before 3.7.2: several Nettle signature verification functions call the Elliptic Curve Cryptography point multiply function with out-of-range scalars, possibly producing incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or, possibly, the invalid signature being accepted as valid. The highest threat from this vulnerability is to confidentiality and integrity, as well as system availability.

Vulnerable Component: BIG-IP ASM, APM, LTM

Affected Versions:
16.0.0 - 16.0.1
15.1.0 - 15.1.3
14.1.0 - 14.1.4

QID Detection Logic (Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
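The version check described above, written out as an added Python example (not Qualys' own detection code): it pulls the Version field from `tmsh show sys version` output and compares it against the affected ranges listed in this QID. The sample tmsh output is constructed and its layout is assumed; the range bounds come from the Affected Versions list below.

```python
import re

# Affected BIG-IP version ranges from this QID (inclusive bounds).
AFFECTED_RANGES = [
    ((16, 0, 0), (16, 0, 1)),
    ((15, 1, 0), (15, 1, 3)),
    ((14, 1, 0), (14, 1, 4)),
]


def parse_version(text: str) -> tuple:
    """Turn a dotted BIG-IP version such as '15.1.2' into a comparable tuple.
    Shorter versions are zero-padded; a fourth (point-release) component is
    ignored because the advisory ranges are expressed with three components."""
    parts = [int(p) for p in text.strip().split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_affected(version: str) -> bool:
    """True if the version falls inside any affected range."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def version_from_tmsh(output: str) -> str:
    """Extract the 'Version' field from `tmsh show sys version` output.
    Only a line beginning with 'Version' matches, so 'Sys::Version' is skipped."""
    m = re.search(r"^\s*Version\s+(\S+)", output, re.MULTILINE)
    if not m:
        raise ValueError("no Version line found in tmsh output")
    return m.group(1)


# Constructed sample output; the field layout is an assumption.
SAMPLE_TMSH_OUTPUT = """\
Sys::Version
Main Package
  Product     BIG-IP
  Version     15.1.2
  Build       0.0.9
  Edition     Point Release 2
"""


def check_tmsh_output(output: str) -> dict:
    """Report the detected version and whether it is in an affected range."""
    ver = version_from_tmsh(output)
    return {"version": ver, "affected": is_affected(ver)}


if __name__ == "__main__":
    print(check_tmsh_output(SAMPLE_TMSH_OUTPUT))
```

A match here means the software version is in scope; per the advisory text, exposure additionally requires DNS caching to be configured, which this check does not examine.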

A flaw in the low level cryptography library code may cause the Unbound DNS server used for the DNS caching feature to become unstable. This vulnerability only affects systems that have DNS caching configured. F5 is not aware of any exploit methods that can take advantage of this vulnerability; therefore, the vulnerability is currently only a theoretical threat.

  • CVSS V3 rated as Critical - 8.1 severity.
  • CVSS V2 rated as High - 6.8 severity.
  • Solution: The vendor has not released a patch; for more information, please visit K33101555.