4 matches found
K51213246: BIG-IP APM AD authentication vulnerability CVE-2021-23008
Security Advisory Description BIG-IP APM AD Active Directory authentication can be bypassed using a spoofed AS-REP Kerberos Authentication Service Response response sent over a hijacked KDC Kerberos Key Distribution Center connection, or from an AD server compromised by an attacker.CVE-2021-23008...
CVE-2021-23008
CVE-2021-23008 affects BIG-IP APM AD authentication. Vulnerable in: BIG-IP APM AD from versions 16.0.x (all), 15.x up to 15.1.2, 14.x up to 14.1.3, 13.x up to 13.1.3, 12.x up to 12.1.5, and all 11.x (not fixed). Root cause: bypass via a spoofed AS-REP over a hijacked KDC or compromised AD server....
F5 Big-IP Vulnerable to Security-Bypass Bug
F5 Networks’ Big-IP Application Delivery Services appliance contains a Key Distribution Center KDC spoofing vulnerability, researchers disclosed – which an attacker could use to get past the security measures that protect sensitive workloads. Join Threatpost for “Fortifying Your Business Against...
F5 Networks BIG-IP : BIG-IP APM AD authentication vulnerability (K51213246)
The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.6 / 13.1.4 / 14.1.4 / 15.1.3 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K51213246 advisory. - On version 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x befor...