Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Multiple F5 Networks Products - SSH vulnerability CVE-2012-1493

Information

Severity

Severity

High

Family

Family

Gain a shell remotely

CVSSv2 Base

CVSSv2 Base

7.8

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

11 years ago

Modified

Modified

2 years ago

Share

Summary

Multiple F5 Networks products are prone to an SSH vulnerability.

Insight

Insight

A platform-specific remote root access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH The vulnerability is caused by a publicly known SSH private key for the root user which is present on all vulnerable appliances.

Affected Software

Affected Software

The following platforms are affected by this issue: VIPRION B2100, B4100, and B4200 BIG-IP 520, 540, 1000, 2000, 2400, 5000, 5100, 1600, 3600, 3900, 6900, 8900, 8950, 11000, and 11050 BIG-IP Virtual Edition Enterprise Manager 3000 and 4000

Detection Method

Detection Method

Tries to login via SSH as the root user with a known SSH private key.

Solution

Solution

Updates are available. See the References for more information.

Common Vulnerabilities and Exposures (CVE)

References