Geeks for your information News Privacy & Security News v
F5 Big-IP Vulnerable to Security-Bypass Bug
F5 Big-IP Vulnerable to Security-Bypass Bug
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
Information  30 April 21, 09:37
Quote:F5 Networks’ Big-IP Application Delivery Services appliance contains a Key Distribution Center (KDC) spoofing vulnerability, researchers disclosed – which an attacker could use to get past the security measures that protect sensitive workloads.
 
Specifically, an attacker could exploit the flaw (tracked as CVE-2021-23008) to bypass Kerberos security and sign into the Big-IP Access Policy Manager, according to researchers at Silverfort. Kerberos is a network authentication protocol that’s designed to provide strong authentication for client/server applications by using secret-key cryptography. In some cases, the bug can be used to bypass authentication to the Big-IP admin console as well, they added.
 
In either case, a cybercriminal could gain unfettered access to Big-IP applications, without having legitimate credentials.
 
The potential impact could be significant: F5 provides enterprise networking to some of the largest tech companies in the world, including Facebook, Microsoft and Oracle, as well as to a trove of Fortune 500 companies, including some of the world’s biggest financial institutions and ISPs.
 
The vulnerability specifically exists in one of the core software components of the appliance: The Access Policy Manager (APM). It manages and enforces access policies, i.e., making sure all users are authenticated and authorized to use a given application. Silverfort researchers noted that APM is sometimes used to protect access to the Big-IP admin console too.
 
APM implements Kerberos as an authentication protocol for authentication required by an APM policy, they explained.
 
“When a user accesses an application through Big-IP, they may be presented with a captive portal and required to enter a username and password,” researchers said, in a blog posting issued on Thursday. “The username and password are verified against Active Directory with the Kerberos protocol to ensure the user is who they claim they are.”

Read more: F5 Big-IP Vulnerable to Security-Bypass Bug | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Microsoft Edge 140.0.3485.66
Version 140.0.3485...harlan4096 — 06:45
Adlice Protect (formerly RogueKiller) 16...
V16.3.0 08/28/2025...harlan4096 — 06:39
Opera 122.0.5643.17
Hello, Opera 12...harlan4096 — 06:38
uBO Lite 2025.911.1335
uBO Lite 2025.911....harlan4096 — 06:37
VirtualBox 7.2.2
VirtualBox 7.2.2 ...harlan4096 — 06:36

[-]
Birthdays
Today's Birthdays
avatar (50)diplomasync
avatar (49)Myronjax
Upcoming Birthdays
avatar (38)fapedDow
avatar (48)pohudidere
avatar (48)rarinsWax
avatar (25)DianaBrown
avatar (38)eqiduseb
avatar (45)ThomasLYDAY
avatar (40)upakoExapy
avatar (49)skepwHug
avatar (38)RicardoGoase
avatar (42)Edwardgef
avatar (43)Denpokhew
avatar (35)azidony
avatar (40)maskbSleew

[-]
Online Staff
There are no staff members currently online.

>