Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2012-1493
HistoryJul 09, 2012 - 10:55 p.m.

CVE-2012-1493

2012-07-0922:55:00
CWE-255
[email protected]
web.nvd.nist.gov
9

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

8

Confidence

High

EPSS

0.293

Percentile

97.0%

JSON

F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers’ installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.

Affected configurations

Nvd
Node
f5big-ip_application_security_managerMatch9.2.0
OR
f5big-ip_application_security_managerMatch9.2.0hf4
OR
f5big-ip_application_security_managerMatch9.4.4
OR
f5big-ip_application_security_managerMatch9.4.5
OR
f5big-ip_application_security_managerMatch9.4.6
OR
f5big-ip_application_security_managerMatch9.4.7
OR
f5big-ip_application_security_managerMatch9.4.8
OR
f5big-ip_application_security_managerMatch10.0.0
OR
f5big-ip_application_security_managerMatch10.0.1
OR
f5big-ip_application_security_managerMatch10.2.3hf1
OR
f5big-ip_application_security_managerMatch11.0.0
OR
f5big-ip_application_security_managerMatch11.0.0hf1
OR
f5big-ip_application_security_managerMatch11.1.0
OR
f5big-ip_application_security_managerMatch11.1.0hf2
OR
f5big-ip_global_traffic_manager
OR
f5big-ip_global_traffic_managerMatch9.2.2
OR
f5big-ip_global_traffic_managerMatch9.4.8hf4
OR
f5big-ip_global_traffic_managerMatch10.0.0
OR
f5big-ip_global_traffic_managerMatch10.2.3hf1
OR
f5big-ip_global_traffic_managerMatch11.0.0
OR
f5big-ip_global_traffic_managerMatch11.0.0hf1
OR
f5big-ip_global_traffic_managerMatch11.1.0
OR
f5big-ip_global_traffic_managerMatch11.1.0hf2
OR
f5big-ip_local_traffic_manager
OR
f5big-ip_local_traffic_managerMatch9.0.0
OR
f5big-ip_local_traffic_managerMatch9.4.8hf4
OR
f5big-ip_local_traffic_managerMatch10.0.0
OR
f5big-ip_local_traffic_managerMatch10.2.3hf1
OR
f5big-ip_local_traffic_managerMatch11.0.0
OR
f5big-ip_local_traffic_managerMatch11.0.0hf1
OR
f5big-ip_local_traffic_managerMatch11.1.0
OR
f5big-ip_local_traffic_managerMatch11.1.0hf2
OR
f5tmos
OR
f5tmosMatch2.0
OR
f5tmosMatch4.0
OR
f5tmosMatch4.2
OR
f5tmosMatch4.3
OR
f5tmosMatch4.4
OR
f5tmosMatch4.5
OR
f5tmosMatch4.5.6
OR
f5tmosMatch4.5.9
OR
f5tmosMatch4.5.10
OR
f5tmosMatch4.5.11
OR
f5tmosMatch4.5.12
OR
f5tmosMatch4.6
OR
f5tmosMatch4.6.2
OR
f5tmosMatch9.0
OR
f5tmosMatch9.0.1
OR
f5tmosMatch9.0.2
OR
f5tmosMatch9.0.3
OR
f5tmosMatch9.0.4
OR
f5tmosMatch9.0.5
OR
f5tmosMatch9.1
OR
f5tmosMatch9.1.1
OR
f5tmosMatch9.1.2
OR
f5tmosMatch9.1.3
OR
f5tmosMatch9.2
OR
f5tmosMatch9.2.2
OR
f5tmosMatch9.2.3
OR
f5tmosMatch9.2.4
OR
f5tmosMatch9.2.5
OR
f5tmosMatch9.3
OR
f5tmosMatch9.3.1
OR
f5tmosMatch9.4
OR
f5tmosMatch9.4.1
OR
f5tmosMatch9.4.2
OR
f5tmosMatch9.4.3
OR
f5tmosMatch9.4.4
OR
f5tmosMatch9.4.5
OR
f5tmosMatch9.4.6
OR
f5tmosMatch9.4.7
OR
f5tmosMatch9.4.8
OR
f5tmosMatch9.6.0
OR
f5tmosMatch9.6.1
OR
f5tmosMatch10.0.0
OR
f5tmosMatch10.0.1
OR
f5tmosMatch10.1.0
OR
f5tmosMatch10.2.0
AND
f5big-ip_1000
OR
f5big-ip_11000
OR
f5big-ip_11050
OR
f5big-ip_1500
OR
f5big-ip_1600
OR
f5big-ip_2400
OR
f5big-ip_3400
OR
f5big-ip_3410
OR
f5big-ip_3600
OR
f5big-ip_3900
OR
f5big-ip_4100
OR
f5big-ip_5100
OR
f5big-ip_5110
OR
f5big-ip_6400
OR
f5big-ip_6800
OR
f5big-ip_6900
OR
f5big-ip_8400
OR
f5big-ip_8800
OR
f5big-ip_8900
OR
f5big-ip_8950
Node
f5enterprise_managervirtual
OR
f5enterprise_managerMatch1.0virtual
OR
f5enterprise_managerMatch2.0virtual
OR
f5enterprise_managerMatch2.1.0virtual
OR
f5enterprise_managerMatch2.1.0hf1virtual
OR
f5enterprise_managerMatch2.2.0virtual
OR
f5enterprise_managerMatch2.3.0virtual
OR
f5enterprise_managerMatch2.3.0hf2virtual
OR
f5enterprise_manager
OR
f5enterprise_managerMatch1.0
OR
f5enterprise_managerMatch2.0
OR
f5enterprise_managerMatch2.1.0
OR
f5enterprise_managerMatch2.1.0hf1
OR
f5enterprise_managerMatch2.2.0
OR
f5enterprise_managerMatch2.3.0
OR
f5enterprise_managerMatch2.3.0hf2
VendorProductVersionCPE
f5big-ip_application_security_manager9.2.0cpe:2.3:a:f5:big-ip_application_security_manager:9.2.0:*:*:*:*:*:*:*
f5big-ip_application_security_manager9.2.0cpe:2.3:a:f5:big-ip_application_security_manager:9.2.0:hf4:*:*:*:*:*:*
f5big-ip_application_security_manager9.4.4cpe:2.3:a:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*
f5big-ip_application_security_manager9.4.5cpe:2.3:a:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*
f5big-ip_application_security_manager9.4.6cpe:2.3:a:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*
f5big-ip_application_security_manager9.4.7cpe:2.3:a:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*
f5big-ip_application_security_manager9.4.8cpe:2.3:a:f5:big-ip_application_security_manager:9.4.8:*:*:*:*:*:*:*
f5big-ip_application_security_manager10.0.0cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*
f5big-ip_application_security_manager10.0.1cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*
f5big-ip_application_security_manager10.2.3cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:hf1:*:*:*:*:*:*
Rows per page:
1-10 of 1141

Related

saint 4
openvas 3
exploitpack 1
cve 1
exploitdb 3
f5 2
prion 1
nessus 2
zdt 2
seebug 2
securityvulns 2
cvelist 1
metasploit 1
packetstorm 2
saint
saint
F5 BIG-IP SSH private key
2012-07-03 00:00:00
F5 BIG-IP SSH private key
2012-07-03 00:00:00
F5 BIG-IP SSH private key
2012-07-03 00:00:00
openvas
openvas
Multiple F5 Networks Products - SSH vulnerability CVE-2012-1493
2012-06-14 00:00:00
F5 BIG-IP remote root authentication bypass Vulnerability
2012-06-14 00:00:00
Static SSH Key Used
2015-10-14 00:00:00
exploitpack
exploitpack
F5 BIG-IP - Authentication Bypass (PoC)
2012-06-11 00:00:00
cve
cve
CVE-2012-1493
2012-07-09 22:55:00
exploitdb
exploitdb
F5 BIG-IP - SSH Private Key Exposure (Metasploit)
2012-06-13 00:00:00
F5 BIG-IP - Authentication Bypass (PoC)
2012-06-11 00:00:00
F5 BIG-IP - Authentication Bypass
2012-06-12 00:00:00
f5
f5
K13600 : SSH vulnerability CVE-2012-1493
2013-06-26 00:00:00
SOL13600 - SSH vulnerability CVE-2012-1493
2012-06-06 00:00:00
prion
prion
Design/Logic Flaw
2012-07-09 22:55:00
nessus
nessus
F5 Multiple Products Root Authentication Bypass
2012-06-13 00:00:00
SSH Static Key Accepted
2014-05-08 00:00:00
zdt
zdt
F5 BIG-IP Remote Root Authentication Bypass Vulnerability
2012-06-11 00:00:00
F5 BIG-IP SSH Private Key Exposure
2012-06-13 00:00:00
seebug
seebug
F5 BIG-IP remote root authentication bypass Vulnerability(CVE-2012-1493)
2012-06-11 00:00:00
F5 BIG-IP Remote Root Authentication Bypass Vulnerability
2014-07-01 00:00:00
securityvulns
securityvulns
F5 BIG-IP authentication bypass
2012-06-17 00:00:00
[MATTA-2012-002] CVE-2012-1493; F5 BIG-IP remote root authentication bypass Vulnerability
2012-06-17 00:00:00
cvelist
cvelist
CVE-2012-1493
2012-07-09 22:00:00
metasploit
metasploit
F5 BIG-IP SSH Private Key Exposure
2012-06-15 17:23:34
packetstorm
packetstorm
F5 BIG-IP SSH Private Key Exposure
2012-06-12 00:00:00
F5 BIG-IP Remote Root Authentication Bypass
2012-06-12 00:00:00

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

8

Confidence

High

EPSS

0.293

Percentile

97.0%

JSON
Related for NVD:CVE-2012-1493
saint4openvas3exploitpack1cve1exploitdb3f52prion1nessus2zdt2seebug2securityvulns2cvelist1metasploit1packetstorm2