QID 379412

Date Published: 2024-02-27

QID 379412: F5 BIG-IP Advanced Firewall Manager (AFM) libssh Multiple Vulnerabilities (K000138682)

CVE-2023-2283: A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the pki_verify_data_signature function when memory allocation problems occur. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value rc, which is initialized to SSH_ERROR and later overwritten with the return value of the function call pki_key_check_hash_compatible. The value of the variable is not changed between this point and the cryptographic verification. Therefore, any error between them calls goto error and returns SSH_OK.
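A simplified C model of the return-value pattern described above, added here as an illustration. It is not libssh source: `hash_compatible`, `alloc_ctx`, `crypto_verify`, `verify_flawed` and `verify_hardened` are hypothetical stand-ins, and the hardened variant shows one way to fail closed, not necessarily the upstream fix.

```c
#include <stdio.h>

#define SSH_OK     0
#define SSH_ERROR -1

/* Constructed stand-ins for the steps named in the advisory; not libssh code. */
static int hash_compatible(void) { return SSH_OK; }
static void *alloc_ctx(int fail) { static int ctx; return fail ? NULL : &ctx; }
static int crypto_verify(void *ctx, int sig_valid) { (void)ctx; return sig_valid ? SSH_OK : SSH_ERROR; }

/* Flawed: rc still holds SSH_OK from the compatibility check when the
 * allocation fails, so the error path reports a verified signature. */
int verify_flawed(int sig_valid, int alloc_fails)
{
    int rc = SSH_ERROR;
    void *ctx;

    rc = hash_compatible();
    if (rc != SSH_OK) return SSH_ERROR;
    ctx = alloc_ctx(alloc_fails);      /* models memory pressure */
    if (ctx == NULL) goto error;       /* rc == SSH_OK here */
    rc = crypto_verify(ctx, sig_valid);
error:
    return rc;
}

/* Hardened: rc is reset to failure after the preliminary check, so only a
 * completed cryptographic verification can ever produce SSH_OK. */
int verify_hardened(int sig_valid, int alloc_fails)
{
    int rc;
    void *ctx;

    if (hash_compatible() != SSH_OK) return SSH_ERROR;
    rc = SSH_ERROR;                    /* fail closed */
    ctx = alloc_ctx(alloc_fails);
    if (ctx == NULL) goto error;
    rc = crypto_verify(ctx, sig_valid);
error:
    return rc;
}

int main(void)
{
    /* Invalid signature combined with a failed allocation. */
    printf("flawed:   %d\n", verify_flawed(0, 1));
    printf("hardened: %d\n", verify_hardened(0, 1));
    return 0;
}
```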

Affected Versions:
F5 BIG-IP (AFM) version 17.1.0 - 17.1.1
F5 BIG-IP (AFM) version 16.1.0 - 16.1.4
F5 BIG-IP (AFM) version 15.1.0 - 15.1.10

QID Detection Logic (Authenticated):
This QID checks for a vulnerable version of F5 BIG-IP by running the 'tmsh -q show /sys version' command.

This vulnerability could allow an attacker, under certain conditions, to establish an SSH Proxy session when it should have been denied.

  • CVSS V3 rated as High - 6.5 severity.
  • CVSS V2 rated as High - 6.4 severity.

Solution:
Please check the fixed versions released by the vendor in K000138682.

Software Advisories:
Advisory ID: K000138682
Link: my.f5.com/manage/s/article/K000138682