Detections
Analytics

F5 Multiple Products Root Authentication Bypass

critical Nessus Plugin ID 59477

Language:

Synopsis

The remote host has an authentication bypass vulnerability.

Description

The remote F5 device has an authentication bypass vulnerability. The SSH private key for the root user is publicly known. A remote, unauthenticated attacker could exploit this to login as root.

Solution

Apply the relevant fix referenced by F5 advisory SOL13600.

See Also

https://www.trustmatta.com/advisories/MATTA-2012-002.txt

https://support.f5.com/csp/article/K13600

Plugin Details

Severity: Critical

ID: 59477

File Name: f5_root_auth_bypass.nasl

Version: 1.21

Type: remote

Published: 6/13/2012

Updated: 7/24/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS Score Source: CVE-2012-1493

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/6/2012

Vulnerability Publication Date: 6/6/2012

Exploitable With

Metasploit (F5 BIG-IP SSH Private Key Exposure)

Reference Information

CVE: CVE-2012-1493

BID: 53897