Geeks for your information News Privacy & Security News v
F5 Big-IP Vulnerable to Security-Bypass Bug
F5 Big-IP Vulnerable to Security-Bypass Bug
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
Information  30 April 21, 09:37
Quote:F5 Networks’ Big-IP Application Delivery Services appliance contains a Key Distribution Center (KDC) spoofing vulnerability, researchers disclosed – which an attacker could use to get past the security measures that protect sensitive workloads.
 
Specifically, an attacker could exploit the flaw (tracked as CVE-2021-23008) to bypass Kerberos security and sign into the Big-IP Access Policy Manager, according to researchers at Silverfort. Kerberos is a network authentication protocol that’s designed to provide strong authentication for client/server applications by using secret-key cryptography. In some cases, the bug can be used to bypass authentication to the Big-IP admin console as well, they added.
 
In either case, a cybercriminal could gain unfettered access to Big-IP applications, without having legitimate credentials.
 
The potential impact could be significant: F5 provides enterprise networking to some of the largest tech companies in the world, including Facebook, Microsoft and Oracle, as well as to a trove of Fortune 500 companies, including some of the world’s biggest financial institutions and ISPs.
 
The vulnerability specifically exists in one of the core software components of the appliance: The Access Policy Manager (APM). It manages and enforces access policies, i.e., making sure all users are authenticated and authorized to use a given application. Silverfort researchers noted that APM is sometimes used to protect access to the Big-IP admin console too.
 
APM implements Kerberos as an authentication protocol for authentication required by an APM policy, they explained.
 
“When a user accesses an application through Big-IP, they may be presented with a captive portal and required to enter a username and password,” researchers said, in a blog posting issued on Thursday. “The username and password are verified against Active Directory with the Kerberos protocol to ensure the user is who they claim they are.”

Read more: F5 Big-IP Vulnerable to Security-Bypass Bug | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Surfshark VPN : Award-winning VPN servi...
Surfshark New Pric...jasonX — 10:21
Surfshark VPN : Award-winning VPN servi...
Surfshark New Pric...jasonX — 10:21
AntGROUP Inc. / VCap-developer
Ant Download Manager...jasonX — 10:20
Surfshark VPN : Award-winning VPN servi...
Surfshark Apps Ver...jasonX — 10:07
Mozilla Firefox Browser 150.0.3
Mozilla Firefox Br...harlan4096 — 07:22

[-]
Birthdays
Today's Birthdays
avatar (41)axylisyb
avatar (44)tukrublape
Upcoming Birthdays
avatar (28)akiratoriyama
avatar (48)Jerrycix
avatar (40)awedoli
avatar (82)WinRARHowTo
avatar (38)owysykan
avatar (49)beautgok
avatar (39)axuben
avatar (40)ihijudu
avatar (45)tiojusop
avatar (42)Damiennug
avatar (40)acoraxe
avatar (49)contjrat
avatar (44)knigiJow
avatar (46)1stOnecal
avatar (50)Mirzojap
avatar (36)idilysaju
avatar (40)GregoryRog
avatar (45)mediumog
avatar (40)odukoromu
avatar (46)Joanna4589

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>