Geeks for your information News Privacy & Security News v
F5 Big-IP Vulnerable to Security-Bypass Bug
F5 Big-IP Vulnerable to Security-Bypass Bug
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
Information  30 April 21, 09:37
Quote:F5 Networks’ Big-IP Application Delivery Services appliance contains a Key Distribution Center (KDC) spoofing vulnerability, researchers disclosed – which an attacker could use to get past the security measures that protect sensitive workloads.
 
Specifically, an attacker could exploit the flaw (tracked as CVE-2021-23008) to bypass Kerberos security and sign into the Big-IP Access Policy Manager, according to researchers at Silverfort. Kerberos is a network authentication protocol that’s designed to provide strong authentication for client/server applications by using secret-key cryptography. In some cases, the bug can be used to bypass authentication to the Big-IP admin console as well, they added.
 
In either case, a cybercriminal could gain unfettered access to Big-IP applications, without having legitimate credentials.
 
The potential impact could be significant: F5 provides enterprise networking to some of the largest tech companies in the world, including Facebook, Microsoft and Oracle, as well as to a trove of Fortune 500 companies, including some of the world’s biggest financial institutions and ISPs.
 
The vulnerability specifically exists in one of the core software components of the appliance: The Access Policy Manager (APM). It manages and enforces access policies, i.e., making sure all users are authenticated and authorized to use a given application. Silverfort researchers noted that APM is sometimes used to protect access to the Big-IP admin console too.
 
APM implements Kerberos as an authentication protocol for authentication required by an APM policy, they explained.
 
“When a user accesses an application through Big-IP, they may be presented with a captive portal and required to enter a username and password,” researchers said, in a blog posting issued on Thursday. “The username and password are verified against Active Directory with the Kerberos protocol to ensure the user is who they claim they are.”

Read more: F5 Big-IP Vulnerable to Security-Bypass Bug | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Kaspersky\VPN\KSOS 21.23 & KES 12.11 bet...
harlan4096 — 08:55
ESET 18.2.18
A quick hotfix for...harlan4096 — 08:53
AdGuard Browser Extension 5.1.145 (MV3 s...
AdGuard Browser Ex...harlan4096 — 08:50
Brave 1.82.166
Release Channel 1....harlan4096 — 08:49
NVIDIA GeForce Game Ready 581.29 driver
Highlights  Gam...harlan4096 — 08:48

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (38)fapedDow
avatar (48)pohudidere
avatar (48)rarinsWax
avatar (25)DianaBrown
avatar (38)eqiduseb
avatar (45)ThomasLYDAY
avatar (40)upakoExapy
avatar (50)diplomasync
avatar (49)Myronjax
avatar (49)skepwHug
avatar (38)RicardoGoase
avatar (42)Edwardgef
avatar (43)Denpokhew
avatar (35)azidony
avatar (40)maskbSleew

[-]
Online Staff
There are no staff members currently online.

>