SB2018051735 - Multiple vulnerabilities in F5 BIG-IP
Published: May 17, 2018 Updated: May 22, 2018
Description
This security bulletin contains information about 8 security vulnerabilities.
1) Improper input validation (CVE-ID: CVE-2017-6143)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system. The weakness exists because X509 certificate verification was not correctly implemented in the IP Intelligence Subscription and IP Intelligence feed-list features, so the remote server's identity is not properly validated. A remote attacker can gain access to potentially sensitive information.
2) Improper input validation (CVE-ID: CVE-2017-6156)
The vulnerability allows a remote authenticated attacker to cause a DoS condition on the target system. The weakness exists due to improper input validation when the system is configured with a wildcard IPSec tunnel endpoint. A remote attacker can disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations.
3) Improper resource shutdown (CVE-ID: CVE-2017-6148)
The vulnerability allows a remote attacker to cause a DoS condition on the target system. The weakness exists due to responses to SOCKS proxy requests made through the BIG-IP system. A remote attacker can cause the service to crash.
4) Improper resource shutdown (CVE-ID: CVE-2018-5507)
The vulnerability allows an adjacent attacker to cause a DoS condition on the target system. The weakness exists due to incorrect decryption of ciphertext from established SSL sessions with a small MTU. An adjacent attacker can cause the service to crash.
5) Brute-force attack (CVE-ID: CVE-2018-5506)
The vulnerability allows a remote unauthenticated attacker to bypass security restrictions on the target system. The weakness exists in the Apache modules apache_auth_token_mod and mod_auth_f5_auth_token.cpp due to handling of invalid IP addresses. A remote attacker can brute-force the em_server_ip authorization parameter to determine which SSL client certificates are used for mutual authentication between BIG-IQ or Enterprise Manager (EM) and managed BIG-IP devices.
6) Command injection (CVE-ID: CVE-2018-5511)
The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system. The weakness exists in the Traffic Management User Interface due to command injection. A remote attacker can execute arbitrary commands with root privileges.
7) Data handling (CVE-ID: CVE-2018-5508)
The vulnerability allows a remote attacker to cause a DoS condition on the target system. The weakness exists in TMM due to processing compressed data through a Virtual Server with an associated PEM profile using the content insertion option. A remote attacker can cause the service to crash.
8) Data handling (CVE-ID: CVE-2017-6158)
The vulnerability allows a remote attacker to cause a DoS condition on the target system. The weakness exists in TMM due to handling of invalid IP addresses. A remote attacker can cause the service to crash.
Remediation
Install the update from the vendor's website.
References
- https://support.f5.com/csp/article/K11464209
- https://support.f5.com/csp/article/K05263202
- https://support.f5.com/csp/article/K55225440
- https://support.f5.com/csp/article/K52521791
- https://support.f5.com/csp/article/K65355492
- https://support.f5.com/csp/article/K30500703
- https://support.f5.com/csp/article/K10329515
- https://support.f5.com/csp/article/K19361245