Computer Security
[EN] securityvulns.ru no-pyccku


F5 BIG-IP authentication bypass
Published:17.06.2012
Source:
SecurityVulns ID:12427
Type:remote
Threat Level:
6/10
Description:Full device acces is possible.
Affected:F5 : BIG-IP 11.1
CVE:CVE-2012-1493 (F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.)
Original documentdocumentFlorent Daigniere, [MATTA-2012-002] CVE-2012-1493; F5 BIG-IP remote root authentication bypass Vulnerability (17.06.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod