F5 Networks BIG-IP : ConfigSync vulnerability (K05123525)

critical Nessus Plugin ID 129076

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

F5 BIG-IP and Enterprise Manager may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings. (CVE-2019-6649)

Impact

The vulnerability is only present when the system is configured for high availability (HA) and either of the following settings is used:

ConfigSync is using a self IP with Port Lockdown configured as Allow All.

Note: Port Lockdown defaults to Allow None.

ConfigSync is configured to use the management interface. The database variable configsync.allowmanagement must be set to enable to allow this configuration (default is disable). Check the configuration by typing the following command at the shell prompt: tmsh list /sys db configsync.allowmanagement

Note: This is an uncommon configuration.

Systems that are not running with either configuration are not affected.

Note: BIG-IQ systems and iWorkflow systems are not affected.

In both of the previously described configurations, a malicious actor may be able to connect to the interface used for ConfigSync to extract and/or modify sensitive information on the system.

Additionally, when ConfigSync is configured to use the management interface, sensitive information may be transmitted unencrypted, risking information disclosure to and modification by anyone in the path of the traffic.
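The two affected configurations can be checked together from saved tmsh output. The following is an added example, not part of the plugin or the F5 advisory: it parses the output of the command above plus, as assumptions, `tmsh list cm device` and `tmsh list net self`. The sample output, its stanza layout, the host names and the addresses are constructed.

```python
import re

# Constructed sample output (not captured from a real device); layout is assumed.
DB_OUT = '''sys db configsync.allowmanagement {
    value "disable"
}'''
DEVICE_OUT = '''cm device bigip-a.example.net {
    configsync-ip 10.20.0.11
    management-ip 192.0.2.10
}'''
SELF_OUT = '''net self self_ha {
    address 10.20.0.11/24
    allow-service all
    vlan ha
}
net self self_ext {
    address 203.0.113.5/24
    allow-service none
    vlan external
}'''

def stanzas(text, kind):
    """Yield (name, body) for each top-level 'kind name { ... }' stanza."""
    pattern = rf"^{re.escape(kind)} (\S+) \{{\n(.*?)^\}}"
    for m in re.finditer(pattern, text, re.M | re.S):
        yield m.group(1), m.group(2)

def field(body, key):
    """Return the value of an indented 'key value' line, or None if absent."""
    m = re.search(rf"^\s+{re.escape(key)} (.+)$", body, re.M)
    return m.group(1).strip().strip('"') if m else None

def assess(db_out, device_out, self_out):
    """List which of the two affected ConfigSync configurations are present."""
    findings = []
    # Condition 2: ConfigSync over the management interface is permitted.
    for _, body in stanzas(db_out, "sys db"):
        if field(body, "value") == "enable":
            findings.append("configsync.allowmanagement is enable")
    # Condition 1: the self IP used for ConfigSync has Port Lockdown Allow All.
    sync_ips = {field(b, "configsync-ip") for _, b in stanzas(device_out, "cm device")}
    for name, body in stanzas(self_out, "net self"):
        addr = (field(body, "address") or "").split("/")[0].split("%")[0]
        if addr in sync_ips and field(body, "allow-service") == "all":
            findings.append(f"ConfigSync self IP {name} ({addr}) has Port Lockdown Allow All")
    return findings
```

An empty list from `assess` means neither configuration was found in the supplied output; the `self_ext` address in the sample is not flagged because it is not a ConfigSync address.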

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K05123525.

See Also

https://my.f5.com/manage/s/article/K05123525

Plugin Details

Severity: Critical

ID: 129076

File Name: f5_bigip_SOL05123525.nasl

Version: 1.5

Type: local

Published: 9/20/2019

Updated: 11/2/2023

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2019-6649

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_domain_name_system, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip

Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version

Exploit Ease: No known exploits are available

Patch Publication Date: 9/19/2019

Vulnerability Publication Date: 9/20/2019

Reference Information

CVE: CVE-2019-6649