Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K65355492
HistoryApr 12, 2018 - 12:00 a.m.

K65355492 : Apache vulnerability CVE-2018-5506

2018-04-1200:00:00
my.f5.com
11

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.5%

JSON

Security Advisory Description

Apache modules apache_auth_token_mod and mod_auth_f5_auth_token.cpp allow possible unauthenticated bruteforce on the em_server_ip authorization parameter to obtain which SSL client certificates used for mutual authentication between BIG-IQ or Enterprise Manager (EM) and managed BIG-IP devices. (CVE-2018-5506)

Impact

This vulnerability can disclose the em_server_ipfield of valid client certificates. This does not reveal the certificate needed for authentication.

Related

cvelist 1
nessus 1
prion 1
nvd 1
cve 1
cvelist
cvelist
CVE-2018-5506
2018-04-12 00:00:00
nessus
nessus
F5 Networks BIG-IP : Apache vulnerability (K65355492)
2018-11-02 00:00:00
prion
prion
Authorization
2018-04-13 13:29:00
nvd
nvd
CVE-2018-5506
2018-04-13 13:29:00
cve
cve
CVE-2018-5506
2018-04-13 13:29:00

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.5%

JSON
Related for F5:K65355492
cvelist1nessus1prion1nvd1cve1