Credentials management in Enterprise Manager - CVE-2012-1493
Published: July 10, 2012 / Updated: August 11, 2020
Vulnerability identifier: #VU43907
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Green
CVE-ID: CVE-2012-1493
CWE-ID: CWE-255
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vendor: F5 Networks
Affected software:
Enterprise Manager
Enterprise Manager
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.
How to mitigate CVE-2012-1493
Install update from vendor's website.
Sources
- http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html
- http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/
- https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb
- https://www.trustmatta.com/advisories/MATTA-2012-002.txt