All the vulnerabilites related to f5 - big-ip_8400
Vulnerability from fkie_nvd
Published
2012-07-09 22:55
Modified
2024-11-21 01:37
Severity ?
Summary
F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0EE189B0-8D8C-4958-BD3C-02ED116E1C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:9.2.0:hf4:*:*:*:*:*:*",
"matchCriteriaId": "CE7833D8-E7F0-4BE0-82D0-E091D51FB647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "45BB546C-C3F6-408D-A5B2-37C115C5F81D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "37414FCA-F520-4C5F-8649-65A05EB67A63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB92D5C1-4BA5-40B3-A4A2-D0D9EBA41204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A18371B8-13AC-4F9A-8BFB-CAC052E7BDD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:9.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D43BDE50-98A0-47DB-A5EA-463A137E3C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC2A0DC-D931-4450-8D0F-3223A8EDCED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:hf1:*:*:*:*:*:*",
"matchCriteriaId": "A2A0390D-6C9E-4417-9265-B9C3C2D3ABC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:hf1:*:*:*:*:*:*",
"matchCriteriaId": "9AED0FFD-DFF4-431D-A189-DCD1F00600D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:hf2:*:*:*:*:*:*",
"matchCriteriaId": "CEE80F37-A5A9-4276-83D4-13F65101A4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A90BD6BC-E7C9-4173-BD2F-16C4D96CE4B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A885EC50-94FA-4367-A9B2-79C8678DEE45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:9.4.8:hf4:*:*:*:*:*:*",
"matchCriteriaId": "A2D8F66D-D004-441F-8592-072DC08588E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16ACB60E-B9E9-402A-BE42-DF5C892C2257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:hf1:*:*:*:*:*:*",
"matchCriteriaId": "17826296-E488-4AB3-9D81-908BA3783985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:hf1:*:*:*:*:*:*",
"matchCriteriaId": "EACC4566-B29A-41DD-A568-7A3E1F1CDBD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:hf2:*:*:*:*:*:*",
"matchCriteriaId": "BD3700DB-FF49-4B44-8480-77ABC4C287E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73DDA0EE-E994-4533-980D-1BD21FD68CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0A19A678-1BEC-407E-BC8C-FB38B2AB7DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:9.4.8:hf4:*:*:*:*:*:*",
"matchCriteriaId": "13091AF2-84E3-4342-A588-D81EDFCED025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:hf1:*:*:*:*:*:*",
"matchCriteriaId": "7F317BE0-1121-4CD9-A4BE-9EC07DB7834E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:hf1:*:*:*:*:*:*",
"matchCriteriaId": "6A3F75C1-864F-4F20-AAF3-29DAA5F3B421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:hf2:*:*:*:*:*:*",
"matchCriteriaId": "E752C74C-BE49-45EA-8ACC-C0ACBF3A795C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12B9EDF4-53E1-472C-A4FD-0F5BEC3A70D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "119C2CB6-23C5-40B2-805C-E48B4A7FDBF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04C3A906-6DB7-405A-924B-35D9C53E2453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADD5E15-8174-4C87-A8DF-A266B90D0644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "63D35C2D-DD83-4337-AEA1-5B7E9D5E2EE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5DFC90CF-9AAA-4D3E-9F91-1B278EA46E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A0DB69D7-AEBB-428F-A229-9132D91342CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:4.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6A96B67C-DD7B-441D-A18B-59F5680D10AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:4.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8D947C-2A9F-47AD-B221-C80107DD341E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:4.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "431E7D83-CC65-4A8B-8A3E-5D9C5D6BE406",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:4.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A49E573B-F732-4F96-B7F2-DE7989D403CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:4.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F98E8B40-12E1-4B27-98F3-AF589E516EF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8E71C845-F308-4B36-81DD-906F2C5D8226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8FAE8872-60E7-453E-8C6F-20D970EFAA70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96240FCA-244C-40E5-9509-2F79ECF51BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "724E2496-E0D2-47AF-AC30-CC671731A37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A70E46B6-FFE2-47A6-A907-E606E8D16495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8783BBE4-A081-4409-A369-B063C4D73C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "951A82A0-3C91-4B50-AE4D-929A4EA75F34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "38992D08-E1FF-4C89-982E-635C43B5BC2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0E5C68-817D-4C60-9FF8-EFD823AF0155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E2DB005-3F29-4688-A6A8-10F4A2C0C32B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51E24585-5039-4907-A405-75A939699F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "829DAFB8-7166-42BA-85BE-91FFC835AB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18FDF8B1-F050-47D8-B13D-1374D686D58A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E2CFEAE-3E21-4C3C-98B7-018B18412326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA276CB-747E-483D-91D0-9C5D7FB605F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "015A58C4-0DD1-4DC3-9C24-640C20991187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "489ED68B-86BF-4ED8-B06A-B6822E8EA55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD8E11B7-CC05-468D-BD7F-5A97824621A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FFEF3EF7-264D-4A0F-8321-4630E5676DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE7E3E7-E092-44D5-9945-2E4A6BF7ACAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55F5D334-5D5D-4315-B417-F9882114F603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AED1620D-7812-4155-9645-EC2900E8A9B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "238F0964-D138-4673-9747-C73E8D84E367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7532FEDA-37FF-4860-9ACE-6D904A2EFF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FEE51BD2-9C95-426D-B420-CB8D76EDB572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9DE7FE6C-0B24-44B0-8204-095DADECA17C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "986D8ED8-9128-4C26-98F6-A93D331077DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B62E51-32C6-4F35-81EC-7628DFC87F48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E015C9-15AE-4533-AD9C-92281861EE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:9.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE2E420-940D-4AAC-94FD-C8B80A8423A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6935B3-E935-4865-8B61-3B17FA87B436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C757A92-C427-4626-82A3-988886F9809D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AFDCE34A-8ECE-43F5-9E62-70BB43405B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:f5:tmos:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3648FF8-817B-436B-806C-0781DFC927E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:f5:big-ip_1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2086937F-F558-4B49-B222-0646AE61D157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_11000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1656DDF4-5B0E-40A5-8D93-D03CA8F10E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_11050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69EBCB26-1BDE-4DFC-B3B7-28E5D69AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_1500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9BA13D-B0B3-4870-83E3-9796B5883ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_1600:*:*:*:*:*:*:*:*",
"matchCriteriaId": "786326DC-6C7F-4D6C-BE65-6C4723D857FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_2400:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D17AAFBC-0012-4E61-81D1-336A2F24EEA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_3400:*:*:*:*:*:*:*:*",
"matchCriteriaId": "766D79A2-E51D-491F-9785-95984A7F0DBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_3410:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD3FD207-C83A-470F-96CA-FA2EB17F4315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_3600:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47A17505-8B61-4535-B0F8-754B7B6D0EAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_3900:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1A153E-E21A-4594-97D5-B02C34E7D7C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_4100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E63AF29-2F47-4899-A829-3CC458E3850E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_5100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C78855DC-931D-48AD-A30C-F82C03032EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_5110:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B5CE67A-4D32-4786-9E01-61FAD67C3666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_6400:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F065083A-5334-48FF-A756-3352D15E089B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_6800:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28CC85A9-E82A-4B0F-A375-D13D51860322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_6900:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88F44776-0C3A-4B46-BD9B-D7E1EAFCF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_8400:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F33C2197-1A09-4792-85BD-63474611563E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_8800:*:*:*:*:*:*:*:*",
"matchCriteriaId": "936172D6-E69E-4794-841D-A153295EA2F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_8900:*:*:*:*:*:*:*:*",
"matchCriteriaId": "888652BB-4ED1-4326-94E1-C82B63D9017B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_8950:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F5C08EA-74CF-44F6-9344-3E6E4ADE3891",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:virtual:*:*:*:*:*",
"matchCriteriaId": "FE4802B8-7017-4D39-8507-5A59FCFE6CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:1.0:*:virtual:*:*:*:*:*",
"matchCriteriaId": "CD819E94-A350-47F3-B71A-C7E11002A192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:2.0:*:virtual:*:*:*:*:*",
"matchCriteriaId": "C9ABB363-0A07-41ED-BA02-EEE66E08A1BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:2.1.0:*:virtual:*:*:*:*:*",
"matchCriteriaId": "BA9E53D2-8C14-4667-8DC1-C8AF30753D25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:2.1.0:hf1:virtual:*:*:*:*:*",
"matchCriteriaId": "B8212A6F-4B50-4CE0-BC6A-CFB994981310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:2.2.0:*:virtual:*:*:*:*:*",
"matchCriteriaId": "360AC53C-552B-4657-8C34-F744D632029D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:2.3.0:*:virtual:*:*:*:*:*",
"matchCriteriaId": "F5D5159F-3673-417B-A861-FDE121828B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:2.3.0:hf2:virtual:*:*:*:*:*",
"matchCriteriaId": "4C305BD6-2C86-4D6C-B456-EC9B5FB4A2EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:enterprise_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D1E65DC-8232-473E-8D78-D41208F89906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:enterprise_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4331A16E-D66C-40E8-B595-46F3C77949F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:enterprise_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD4C91A-63A0-4535-9E5A-731518911707",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:enterprise_manager:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE619B40-18EB-4F01-A416-63A66577F14F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:enterprise_manager:2.1.0:hf1:*:*:*:*:*:*",
"matchCriteriaId": "A7C407F0-CE8C-4F4D-9198-8E9D5B1550E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:enterprise_manager:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "003DFFC0-C51B-43B8-897A-6AD71A7B60FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:enterprise_manager:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05803D5C-15CD-4600-9703-951D28173E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:enterprise_manager:2.3.0:hf2:*:*:*:*:*:*",
"matchCriteriaId": "62C482B1-27D7-4A44-956A-2F7D107206A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers\u0027 installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option."
},
{
"lang": "es",
"value": "El dispositivo F5 BIG-IP v9.x anteriores a v9.4.8-HF5, v10.x anteriores a v10.2.4, v11.0.x anteriores a v11.0.0-HF2, y v11.1.x anteriores a v11.1.0-HF3, y Enterprise Manager anteriores a v2.1.0-HF2, v2.2.x anteriores a v2.2.0-HF1, y v2.3.x anteriores a v2.3.0-HF3, usa una clave privada SSH en distintas instalaciones de clientes, y no restringe el acceso a la mismas de forma adecuada, lo que facilita a atacantes remotos hacer login SSH a trav\u00e9s de la opci\u00f3n PubkeyAuthentication."
}
],
"id": "CVE-2012-1493",
"lastModified": "2024-11-21T01:37:05.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-09T22:55:00.887",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb"
},
{
"source": "cve@mitre.org",
"url": "https://www.trustmatta.com/advisories/MATTA-2012-002.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.trustmatta.com/advisories/MATTA-2012-002.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2012-1493
Vulnerability from cvelistv5
Published
2012-07-09 22:00
Modified
2024-09-17 01:20
Severity ?
EPSS score ?
Summary
F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.
References
| ▼ | URL | Tags |
|---|---|---|
| http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html | x_refsource_CONFIRM | |
| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb | x_refsource_MISC | |
| https://www.trustmatta.com/advisories/MATTA-2012-002.txt | x_refsource_MISC | |
| http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:02.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.trustmatta.com/advisories/MATTA-2012-002.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers\u0027 installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-09T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.trustmatta.com/advisories/MATTA-2012-002.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers\u0027 installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html",
"refsource": "CONFIRM",
"url": "http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html"
},
{
"name": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb",
"refsource": "MISC",
"url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb"
},
{
"name": "https://www.trustmatta.com/advisories/MATTA-2012-002.txt",
"refsource": "MISC",
"url": "https://www.trustmatta.com/advisories/MATTA-2012-002.txt"
},
{
"name": "http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1493",
"datePublished": "2012-07-09T22:00:00Z",
"dateReserved": "2012-03-01T00:00:00Z",
"dateUpdated": "2024-09-17T01:20:39.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}