Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-1493

CWE-255 | 6 documents | 4 sources
Severity: 7.8 HIGH
EPSS: 84.4% (top 0.68%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline
Published: Jul 9
Latest update: May 17

Description

F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.

CVSS vector

AV:N/AC:L/C:C/I:N/A:N
Exploitability: 10.0 | Impact: 6.9

Affected Packages (5 packages)

NVD: f5/enterprise_manager | 5 versions | +4
NVD: f5/tmos | 45 versions | +44

Patches

🔴 Vulnerability Details (2)

GHSA: GHSA-9xc6-7wh2-7r7r: F5 BIG-IP appliances 9 (2022-05-17)
CVEList: CVE-2012-1493: F5 BIG-IP appliances 9 (2012-07-09)

💥 Exploits & PoCs (3)

Exploit-DB: F5 BIG-IP - SSH Private Key Exposure (Metasploit) (2012-06-13)
Exploit-DB: F5 BIG-IP - Authentication Bypass (2012-06-12)
Exploit-DB: F5 BIG-IP - Authentication Bypass (PoC) (2012-06-11)