Vulnerability Details : CVE-2012-1493
Public exploit exists!
F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.
Exploit prediction scoring system (EPSS) score for CVE-2012-1493
Probability of exploitation activity in the next 30 days: 37.33%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 %
Metasploit modules for CVE-2012-1493
- F5 BIG-IP SSH Private Key Exposure
  Disclosure Date: 2012-06-11
  First seen: 2020-04-26
  exploit/linux/ssh/f5_bigip_known_privkey
  F5 ships a public/private key pair on BIG-IP appliances that allows passwordless authentication to any other BIG-IP box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root.
  Authors: - egypt <egypt
CVSS scores for CVE-2012-1493
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.8 | HIGH | AV:N/AC:L/Au:N/C:C/I:N/A:N | 10.0 | 6.9 | NIST |
CWE ids for CVE-2012-1493
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-1493
- http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/
  Exploit posted for vulnerable F5 kit • The Register
- https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb
  metasploit-framework/f5_bigip_known_privkey.rb at master · rapid7/metasploit-framework · GitHub (Exploit; Patch)
- http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html
  Vendor Advisory
- https://www.trustmatta.com/advisories/MATTA-2012-002.txt
Products affected by CVE-2012-1493
- cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:9.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:hf1:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:hf2:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:9.4.8:hf4:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:hf1:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:9.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:hf2:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:hf1:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:hf1:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:9.4.8:hf4:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:9.2.0:hf4:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:9.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:hf2:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:9.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:hf1:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:hf1:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:*:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:4.5:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:4.5.10:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:4.5.6:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:4.5.9:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.0.4:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:4.3:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:4.4:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:4.6:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:4.6.2:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:4.5.11:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:4.5.12:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.1:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.2:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.3:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.2.5:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.4.8:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.4.6:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.4.5:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.4.4:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.4.2:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.4.1:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.2.4:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:10.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.6.1:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:10.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.1.3:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.4:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.3.1:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.6.0:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:9.4.7:*:*:*:*:*:*:*
- cpe:2.3:o:f5:tmos:10.2.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_11050:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_1600:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_1000:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_5110:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_6400:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_4100:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_5100:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_3400:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_3410:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_1500:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_2400:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_3900:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_3600:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_8900:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_6900:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_8800:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_8950:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_6800:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_8400:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:big-ip_11000:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:enterprise_manager:*:*:virtual:*:*:*:*:*
- cpe:2.3:a:f5:enterprise_manager:2.0:*:virtual:*:*:*:*:*
- cpe:2.3:a:f5:enterprise_manager:2.1.0:hf1:virtual:*:*:*:*:*
- cpe:2.3:a:f5:enterprise_manager:2.3.0:*:virtual:*:*:*:*:*
- cpe:2.3:a:f5:enterprise_manager:2.3.0:hf2:virtual:*:*:*:*:*
- cpe:2.3:a:f5:enterprise_manager:1.0:*:virtual:*:*:*:*:*
- cpe:2.3:a:f5:enterprise_manager:2.1.0:*:virtual:*:*:*:*:*
- cpe:2.3:a:f5:enterprise_manager:2.2.0:*:virtual:*:*:*:*:*
- cpe:2.3:h:f5:enterprise_manager:*:*:*:*:*:*:*:*
- cpe:2.3:h:f5:enterprise_manager:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5:enterprise_manager:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5:enterprise_manager:1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5:enterprise_manager:2.3.0:hf2:*:*:*:*:*:*
- cpe:2.3:h:f5:enterprise_manager:2.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5:enterprise_manager:2.1.0:hf1:*:*:*:*:*:*
- cpe:2.3:h:f5:enterprise_manager:2.3.0:*:*:*:*:*:*:*