Vulnerability Description
F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.
CVSS Score
7.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F5 | Big-Ip Application Security Manager | 9.2.0 |
| F5 | Big-Ip Global Traffic Manager | All versions |
| F5 | Big-Ip Local Traffic Manager | All versions |
| F5 | Tmos | All versions |
| F5 | Big-Ip 1000 | All versions |
| F5 | Big-Ip 11000 | All versions |
| F5 | Big-Ip 11050 | All versions |
| F5 | Big-Ip 1500 | All versions |
| F5 | Big-Ip 1600 | All versions |
| F5 | Big-Ip 2400 | All versions |
| F5 | Big-Ip 3400 | All versions |
| F5 | Big-Ip 3410 | All versions |
| F5 | Big-Ip 3600 | All versions |
| F5 | Big-Ip 3900 | All versions |
| F5 | Big-Ip 4100 | All versions |
| F5 | Big-Ip 5100 | All versions |
| F5 | Big-Ip 5110 | All versions |
| F5 | Big-Ip 6400 | All versions |
| F5 | Big-Ip 6800 | All versions |
| F5 | Big-Ip 6900 | All versions |
Related Weaknesses (CWE)
References
- http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html (Vendor Advisory)
- http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/
- https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linu (Exploit, Patch)
- https://www.trustmatta.com/advisories/MATTA-2012-002.txt
FAQ
What is CVE-2012-1493?
CVE-2012-1493 is a vulnerability with a CVSS score of 7.8 (HIGH). F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before...
How severe is CVE-2012-1493?
CVE-2012-1493 has been rated HIGH with a CVSS base score of 7.8/10. See the CVSS Score section above for the severity rating.
Is there a patch for CVE-2012-1493?
Check the references section above for vendor advisories and patch information. Affected products include: F5 Big-Ip Application Security Manager, F5 Big-Ip Global Traffic Manager, F5 Big-Ip Local Traffic Manager, F5 Tmos, F5 Big-Ip 1000.