Improper Authentication in BIG-IP APM - CVE-2021-23008
Published: April 29, 2021
Vulnerability identifier: #VU52738
CSH Severity: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2021-23008
CWE-ID: CWE-287
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
BIG-IP APM
BIG-IP APM
Software vendor:
F5 Networks
F5 Networks
Description
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error when processing authentication requests. A remote attacker can bypass authentication process using a spoofed AS-REP (Kerberos Authentication Service Response) response sent over a hijacked KDC (Kerberos Key Distribution Center) connection, or from an AD server compromised by an attacker.
Successful exploitation of the vulnerability may allow an attacker to gain full control over the affected system.
Remediation
Install updates from vendor's website.