Secunia
Login
|
|
CVE Reference: CVE-2012-1493 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2012-1493 |
|
|
Description: F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option. |
|
|
CVE Status: Candidate |
|
|
References: MISC http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/ CONFIRM http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html |
|
| Return to the previous page. |
