Vulnerability CVE-2012-1493 - CERT Civis.Net

Vulnerability Name:

CVE-2012-1493 (CCN-76147)

Assigned:

2012-06-06

Published:

2012-06-06

Updated:

2012-07-10

Summary:

F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.

CVSS v3 Severity:

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N)
6.4 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
8.3 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2012-1493

Source: CCN
Type: Packetstorm Security Website
F5 BIG-IP SSH Private Key Exposure

Source: CCN
Type: SA49396
F5 Products Unspecified SSH Configuration Security Issue

Source: CCN
Type: F5 KNOWLEDGE BASE SOL13600
SSH vulnerability CVE-2012-1493

Source: CONFIRM
Type: Vendor Advisory
http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html

Source: CCN
Type: OSVDB ID: 82780
F5 Multiple Product Published SSH Private Key Remote Authentication Bypass

Source: CCN
Type: BID-53897
F5 Multiple Products SSH Configuration Remote Unauthorized Access Vulnerability

Source: MISC
Type: UNKNOWN
http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/

Source: XF
Type: UNKNOWN
f5-configuration-priv-esc(76147)

Source: MISC
Type: Exploit, Patch
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [06-12-2012]

Source: CCN
Type: Rapid7 Vulnerability and Exploit Database [05-30-2018]
F5 BIG-IP SSH Private Key Exposure

Source: CCN
Type: MATTA-2012-002
F5 BIG-IP remote root authentication bypass Vulnerability

Source: MISC
Type: UNKNOWN
https://www.trustmatta.com/advisories/MATTA-2012-002.txt

Vulnerable Configuration:

Configuration 1:

cpe:/a:f5:big-ip_application_security_manager:9.2.0:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:9.2.0:hf4:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:9.4.8:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:10.2.3:hf1:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:11.0.0:hf1:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_application_security_manager:11.1.0:hf2:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_global_traffic_manager:9.2.2:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_global_traffic_manager:9.4.8:hf4:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_global_traffic_manager:10.2.3:hf1:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_global_traffic_manager:11.0.0:hf1:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_global_traffic_manager:11.1.0:hf2:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_local_traffic_manager:9.0.0:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_local_traffic_manager:9.4.8:hf4:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_local_traffic_manager:10.2.3:hf1:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_local_traffic_manager:11.0.0:hf1:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*

OR cpe:/a:f5:big-ip_local_traffic_manager:11.1.0:hf2:*:*:*:*:*:*

OR cpe:/o:f5:tmos:*:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:2.0:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:4.0:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:4.2:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:4.3:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:4.4:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:4.5:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:4.5.6:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:4.5.9:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:4.5.10:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:4.5.11:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:4.5.12:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:4.6:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:4.6.2:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.0:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.0.1:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.0.2:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.0.3:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.0.4:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.0.5:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.1:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.1.1:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.1.2:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.1.3:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.2:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.2.2:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.2.3:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.2.4:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.2.5:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.3:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.3.1:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.4:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.4.1:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.4.2:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.4.3:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.4.4:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.4.5:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.4.6:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.4.7:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.4.8:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.6.0:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:9.6.1:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:10.0.0:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:10.0.1:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:10.1.0:*:*:*:*:*:*:*

OR cpe:/o:f5:tmos:10.2.0:*:*:*:*:*:*:*

AND

cpe:/h:f5:big-ip_1000:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_11000:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_11050:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_1500:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_1600:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_2400:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_3400:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_3410:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_3600:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_3900:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_4100:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_5100:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_5110:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_6400:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_6800:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_6900:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_8400:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_8800:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_8900:*:*:*:*:*:*:*:*

OR cpe:/h:f5:big-ip_8950:*:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:f5:enterprise_manager:*:*:virtual:*:*:*:*:*

OR cpe:/a:f5:enterprise_manager:1.0:*:virtual:*:*:*:*:*

OR cpe:/a:f5:enterprise_manager:2.0:*:virtual:*:*:*:*:*

OR cpe:/a:f5:enterprise_manager:2.1.0:*:virtual:*:*:*:*:*

OR cpe:/a:f5:enterprise_manager:2.1.0:hf1:virtual:*:*:*:*:*

OR cpe:/a:f5:enterprise_manager:2.2.0:*:virtual:*:*:*:*:*

OR cpe:/a:f5:enterprise_manager:2.3.0:*:virtual:*:*:*:*:*

OR cpe:/a:f5:enterprise_manager:2.3.0:hf2:virtual:*:*:*:*:*

OR cpe:/h:f5:enterprise_manager:*:*:*:*:*:*:*:*

OR cpe:/h:f5:enterprise_manager:1.0:*:*:*:*:*:*:*

OR cpe:/h:f5:enterprise_manager:2.0:*:*:*:*:*:*:*

OR cpe:/h:f5:enterprise_manager:2.1.0:*:*:*:*:*:*:*

OR cpe:/h:f5:enterprise_manager:2.1.0:hf1:*:*:*:*:*:*

OR cpe:/h:f5:enterprise_manager:2.2.0:*:*:*:*:*:*:*

OR cpe:/h:f5:enterprise_manager:2.3.0:*:*:*:*:*:*:*

OR cpe:/h:f5:enterprise_manager:2.3.0:hf2:*:*:*:*:*:*

Denotes that component is vulnerable