On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ HA ElasticSearch service does not implement any form of authentication for the clustering transport services, and all data used by ElasticSearch for transport is unencrypted. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: f5

Published: 2021-03-31T17:35:54

Updated: 2024-08-03T18:58:26.127Z

Reserved: 2021-01-06T00:00:00

Link: CVE-2021-22997

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-03-31T18:15:15.037

Modified: 2024-11-21T05:51:05.597

Link: CVE-2021-22997

cve-icon Redhat

No data.