#VU11622 Improper access control in BIG-IP DNS

Cybersecurity Help s.r.o.

Published: 2018-04-10

Vulnerability identifier: #VU11622

Vulnerability risk: Low

CVSSv4.0: 8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: N/A

CWE-ID: CWE-284

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
BIG-IP DNS
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: F5 Networks

Description
The vulnerability allows a remote attacker to obtain potentially sensitive information and write arbitrary files on the target system.

The weakness exists due to improper access control. On systems where the hostname is a public domain name that the BIG-IP system owner does not control, a remote attacker can hijack the DNS to cause DNS queries to be redirected to a remote DNS server.

Mitigation
Cybersecurity is currently unaware of any solutions addressing the vulnerability.

Vulnerable software versions

BIG-IP DNS: 12.0.0 HF1 - 13.1.0.3

External links
https://support.f5.com/csp/article/K32518458

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Security restrictions bypass in F5 BIG-IP DNS