CVE-2012-1493
F5 BIG-IP 3600 - Credentials Management
Title source: ruleDescription
F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.
Exploits (4)
exploitdb
WORKING POC
VERIFIED
by Metasploit · ruby · remote · hardware
https://www.exploit-db.com/exploits/19099
exploitdb
WORKING POC
VERIFIED
by David Kennedy (ReL1K) · python · remote · hardware
https://www.exploit-db.com/exploits/19091
exploitdb
WRITEUP
VERIFIED
by Florent Daigniere · text · dos · hardware
https://www.exploit-db.com/exploits/19064
metasploit
WORKING POC
EXCELLENT
by egypt · ruby · poc · unix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb
References (4)
Scores
EPSS
0.8438
EPSS Percentile
99.3%
Details
CWE
CWE-255
Status
published
Products (44)
f5/big-ip_1000
f5/big-ip_11000
f5/big-ip_11050
f5/big-ip_1500
f5/big-ip_1600
f5/big-ip_2400
f5/big-ip_3400
f5/big-ip_3410
f5/big-ip_3600
f5/big-ip_3900
... and 34 more
Published
Jul 09, 2012
Tracked Since
Feb 18, 2026