CVE-2012-1493
Summary
| CVE | CVE-2012-1493 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2012-07-09 22:55:00 UTC |
| Updated | 2012-07-10 04:00:00 UTC |
| Description | F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option. |
Risk And Classification
Problem Types: CWE-255
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | F5 | Big-ip 1000 | All | All | All | All |
| Hardware | F5 | Big-ip 1000 | All | All | All | All |
| Hardware | F5 | Big-ip 11000 | All | All | All | All |
| Hardware | F5 | Big-ip 11000 | All | All | All | All |
| Hardware | F5 | Big-ip 11050 | All | All | All | All |
| Hardware | F5 | Big-ip 11050 | All | All | All | All |
| Hardware | F5 | Big-ip 1500 | All | All | All | All |
| Hardware | F5 | Big-ip 1500 | All | All | All | All |
| Hardware | F5 | Big-ip 1600 | All | All | All | All |
| Hardware | F5 | Big-ip 1600 | All | All | All | All |
| Hardware | F5 | Big-ip 2400 | All | All | All | All |
| Hardware | F5 | Big-ip 2400 | All | All | All | All |
| Hardware | F5 | Big-ip 3400 | All | All | All | All |
| Hardware | F5 | Big-ip 3400 | All | All | All | All |
| Hardware | F5 | Big-ip 3410 | All | All | All | All |
| Hardware | F5 | Big-ip 3410 | All | All | All | All |
| Hardware | F5 | Big-ip 3600 | All | All | All | All |
| Hardware | F5 | Big-ip 3600 | All | All | All | All |
| Hardware | F5 | Big-ip 3900 | All | All | All | All |
| Hardware | F5 | Big-ip 3900 | All | All | All | All |
| Hardware | F5 | Big-ip 4100 | All | All | All | All |
| Hardware | F5 | Big-ip 4100 | All | All | All | All |
| Hardware | F5 | Big-ip 5100 | All | All | All | All |
| Hardware | F5 | Big-ip 5100 | All | All | All | All |
| Hardware | F5 | Big-ip 5110 | All | All | All | All |
| Hardware | F5 | Big-ip 5110 | All | All | All | All |
| Hardware | F5 | Big-ip 6400 | All | All | All | All |
| Hardware | F5 | Big-ip 6400 | All | All | All | All |
| Hardware | F5 | Big-ip 6800 | All | All | All | All |
| Hardware | F5 | Big-ip 6800 | All | All | All | All |
| Hardware | F5 | Big-ip 6900 | All | All | All | All |
| Hardware | F5 | Big-ip 6900 | All | All | All | All |
| Hardware | F5 | Big-ip 8400 | All | All | All | All |
| Hardware | F5 | Big-ip 8400 | All | All | All | All |
| Hardware | F5 | Big-ip 8800 | All | All | All | All |
| Hardware | F5 | Big-ip 8800 | All | All | All | All |
| Hardware | F5 | Big-ip 8900 | All | All | All | All |
| Hardware | F5 | Big-ip 8900 | All | All | All | All |
| Hardware | F5 | Big-ip 8950 | All | All | All | All |
| Hardware | F5 | Big-ip 8950 | All | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 10.0.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 10.0.1 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 10.2.3 | hf1 | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.0.0 | hf1 | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.1.0 | hf2 | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.2.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.2.0 | hf4 | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.4.4 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.4.5 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.4.6 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.4.7 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.4.8 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 10.0.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 10.0.1 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 10.2.3 | hf1 | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.0.0 | hf1 | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.1.0 | hf2 | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.2.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.2.0 | hf4 | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.4.4 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.4.5 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.4.6 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.4.7 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 9.4.8 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | All | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 10.0.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 10.2.3 | hf1 | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.0.0 | hf1 | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.1.0 | hf2 | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 9.2.2 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 9.4.8 | hf4 | All | All |
| Application | F5 | Big-ip Global Traffic Manager | All | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 10.0.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 10.2.3 | hf1 | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.0.0 | hf1 | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.1.0 | hf2 | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 9.2.2 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 9.4.8 | hf4 | All | All |
| Application | F5 | Big-ip Local Traffic Manager | All | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 10.0.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 10.2.3 | hf1 | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.0.0 | hf1 | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.1.0 | hf2 | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 9.0.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 9.4.8 | hf4 | All | All |
| Application | F5 | Big-ip Local Traffic Manager | All | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 10.0.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 10.2.3 | hf1 | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.0.0 | hf1 | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.1.0 | hf2 | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 9.0.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 9.4.8 | hf4 | All | All |
| Application | F5 | Enterprise Manager | All | All | virtual | All |
| Application | F5 | Enterprise Manager | 1.0 | All | virtual | All |
| Application | F5 | Enterprise Manager | 2.0 | All | virtual | All |
| Application | F5 | Enterprise Manager | 2.1.0 | All | virtual | All |
| Application | F5 | Enterprise Manager | 2.1.0 | hf1 | virtual | All |
| Application | F5 | Enterprise Manager | 2.2.0 | All | virtual | All |
| Application | F5 | Enterprise Manager | 2.3.0 | All | virtual | All |
| Application | F5 | Enterprise Manager | 2.3.0 | hf2 | virtual | All |
| Hardware | F5 | Enterprise Manager | All | All | All | All |
| Hardware | F5 | Enterprise Manager | 1.0 | All | All | All |
| Hardware | F5 | Enterprise Manager | 2.0 | All | All | All |
| Hardware | F5 | Enterprise Manager | 2.1.0 | All | All | All |
| Hardware | F5 | Enterprise Manager | 2.1.0 | hf1 | All | All |
| Hardware | F5 | Enterprise Manager | 2.2.0 | All | All | All |
| Hardware | F5 | Enterprise Manager | 2.3.0 | All | All | All |
| Hardware | F5 | Enterprise Manager | 2.3.0 | hf2 | All | All |
| Application | F5 | Enterprise Manager | All | All | virtual | All |
| Application | F5 | Enterprise Manager | 1.0 | All | virtual | All |
| Application | F5 | Enterprise Manager | 2.0 | All | virtual | All |
| Application | F5 | Enterprise Manager | 2.1.0 | All | virtual | All |
| Application | F5 | Enterprise Manager | 2.1.0 | hf1 | virtual | All |
| Application | F5 | Enterprise Manager | 2.2.0 | All | virtual | All |
| Application | F5 | Enterprise Manager | 2.3.0 | All | virtual | All |
| Application | F5 | Enterprise Manager | 2.3.0 | hf2 | virtual | All |
| Hardware | F5 | Enterprise Manager | All | All | All | All |
| Hardware | F5 | Enterprise Manager | 1.0 | All | All | All |
| Hardware | F5 | Enterprise Manager | 2.0 | All | All | All |
| Hardware | F5 | Enterprise Manager | 2.1.0 | All | All | All |
| Hardware | F5 | Enterprise Manager | 2.1.0 | hf1 | All | All |
| Hardware | F5 | Enterprise Manager | 2.2.0 | All | All | All |
| Hardware | F5 | Enterprise Manager | 2.3.0 | All | All | All |
| Hardware | F5 | Enterprise Manager | 2.3.0 | hf2 | All | All |
| Operating System | F5 | Tmos | All | All | All | All |
| Operating System | F5 | Tmos | 10.0.0 | All | All | All |
| Operating System | F5 | Tmos | 10.0.1 | All | All | All |
| Operating System | F5 | Tmos | 10.1.0 | All | All | All |
| Operating System | F5 | Tmos | 10.2.0 | All | All | All |
| Operating System | F5 | Tmos | 2.0 | All | All | All |
| Operating System | F5 | Tmos | 4.0 | All | All | All |
| Operating System | F5 | Tmos | 4.2 | All | All | All |
| Operating System | F5 | Tmos | 4.3 | All | All | All |
| Operating System | F5 | Tmos | 4.4 | All | All | All |
| Operating System | F5 | Tmos | 4.5 | All | All | All |
| Operating System | F5 | Tmos | 4.5.10 | All | All | All |
| Operating System | F5 | Tmos | 4.5.11 | All | All | All |
| Operating System | F5 | Tmos | 4.5.12 | All | All | All |
| Operating System | F5 | Tmos | 4.5.6 | All | All | All |
| Operating System | F5 | Tmos | 4.5.9 | All | All | All |
| Operating System | F5 | Tmos | 4.6 | All | All | All |
| Operating System | F5 | Tmos | 4.6.2 | All | All | All |
| Operating System | F5 | Tmos | 9.0 | All | All | All |
| Operating System | F5 | Tmos | 9.0.1 | All | All | All |
| Operating System | F5 | Tmos | 9.0.2 | All | All | All |
| Operating System | F5 | Tmos | 9.0.3 | All | All | All |
| Operating System | F5 | Tmos | 9.0.4 | All | All | All |
| Operating System | F5 | Tmos | 9.0.5 | All | All | All |
| Operating System | F5 | Tmos | 9.1 | All | All | All |
| Operating System | F5 | Tmos | 9.1.1 | All | All | All |
| Operating System | F5 | Tmos | 9.1.2 | All | All | All |
| Operating System | F5 | Tmos | 9.1.3 | All | All | All |
| Operating System | F5 | Tmos | 9.2 | All | All | All |
| Operating System | F5 | Tmos | 9.2.2 | All | All | All |
| Operating System | F5 | Tmos | 9.2.3 | All | All | All |
| Operating System | F5 | Tmos | 9.2.4 | All | All | All |
| Operating System | F5 | Tmos | 9.2.5 | All | All | All |
| Operating System | F5 | Tmos | 9.3 | All | All | All |
| Operating System | F5 | Tmos | 9.3.1 | All | All | All |
| Operating System | F5 | Tmos | 9.4 | All | All | All |
| Operating System | F5 | Tmos | 9.4.1 | All | All | All |
| Operating System | F5 | Tmos | 9.4.2 | All | All | All |
| Operating System | F5 | Tmos | 9.4.3 | All | All | All |
| Operating System | F5 | Tmos | 9.4.4 | All | All | All |
| Operating System | F5 | Tmos | 9.4.5 | All | All | All |
| Operating System | F5 | Tmos | 9.4.6 | All | All | All |
| Operating System | F5 | Tmos | 9.4.7 | All | All | All |
| Operating System | F5 | Tmos | 9.4.8 | All | All | All |
| Operating System | F5 | Tmos | 9.6.0 | All | All | All |
| Operating System | F5 | Tmos | 9.6.1 | All | All | All |
| Operating System | F5 | Tmos | All | All | All | All |
| Operating System | F5 | Tmos | 10.0.0 | All | All | All |
| Operating System | F5 | Tmos | 10.0.1 | All | All | All |
| Operating System | F5 | Tmos | 10.1.0 | All | All | All |
| Operating System | F5 | Tmos | 10.2.0 | All | All | All |
| Operating System | F5 | Tmos | 2.0 | All | All | All |
| Operating System | F5 | Tmos | 4.0 | All | All | All |
| Operating System | F5 | Tmos | 4.2 | All | All | All |
| Operating System | F5 | Tmos | 4.3 | All | All | All |
| Operating System | F5 | Tmos | 4.4 | All | All | All |
| Operating System | F5 | Tmos | 4.5 | All | All | All |
| Operating System | F5 | Tmos | 4.5.10 | All | All | All |
| Operating System | F5 | Tmos | 4.5.11 | All | All | All |
| Operating System | F5 | Tmos | 4.5.12 | All | All | All |
| Operating System | F5 | Tmos | 4.5.6 | All | All | All |
| Operating System | F5 | Tmos | 4.5.9 | All | All | All |
| Operating System | F5 | Tmos | 4.6 | All | All | All |
| Operating System | F5 | Tmos | 4.6.2 | All | All | All |
| Operating System | F5 | Tmos | 9.0 | All | All | All |
| Operating System | F5 | Tmos | 9.0.1 | All | All | All |
| Operating System | F5 | Tmos | 9.0.2 | All | All | All |
| Operating System | F5 | Tmos | 9.0.3 | All | All | All |
| Operating System | F5 | Tmos | 9.0.4 | All | All | All |
| Operating System | F5 | Tmos | 9.0.5 | All | All | All |
| Operating System | F5 | Tmos | 9.1 | All | All | All |
| Operating System | F5 | Tmos | 9.1.1 | All | All | All |
| Operating System | F5 | Tmos | 9.1.2 | All | All | All |
| Operating System | F5 | Tmos | 9.1.3 | All | All | All |
| Operating System | F5 | Tmos | 9.2 | All | All | All |
| Operating System | F5 | Tmos | 9.2.2 | All | All | All |
| Operating System | F5 | Tmos | 9.2.3 | All | All | All |
| Operating System | F5 | Tmos | 9.2.4 | All | All | All |
| Operating System | F5 | Tmos | 9.2.5 | All | All | All |
| Operating System | F5 | Tmos | 9.3 | All | All | All |
| Operating System | F5 | Tmos | 9.3.1 | All | All | All |
| Operating System | F5 | Tmos | 9.4 | All | All | All |
| Operating System | F5 | Tmos | 9.4.1 | All | All | All |
| Operating System | F5 | Tmos | 9.4.2 | All | All | All |
| Operating System | F5 | Tmos | 9.4.3 | All | All | All |
| Operating System | F5 | Tmos | 9.4.4 | All | All | All |
| Operating System | F5 | Tmos | 9.4.5 | All | All | All |
| Operating System | F5 | Tmos | 9.4.6 | All | All | All |
| Operating System | F5 | Tmos | 9.4.7 | All | All | All |
| Operating System | F5 | Tmos | 9.4.8 | All | All | All |
| Operating System | F5 | Tmos | 9.6.0 | All | All | All |
| Operating System | F5 | Tmos | 9.6.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html | CONFIRM | support.f5.com | Vendor Advisory |
| www.trustmatta.com/advisories/MATTA-2012-002.txt | MISC | www.trustmatta.com | |
| Exploit posted for vulnerable F5 kit • The Register | MISC | www.theregister.co.uk | |
| metasploit-framework/f5_bigip_known_privkey.rb at master · rapid7/metasploit-framework · GitHub | MISC | github.com | Exploit, Patch |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.