Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for BIG-IP Azure cloud instance by F5 Networks, Inc.

    CVE-2017-6131 (GCVE-0-2017-6131)

    Vulnerability from nvd – Published: 2017-05-23 15:00 – Updated: 2024-08-05 15:18
    VLAI
    Summary
    In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure instance administrative user that was created at deployment. The root and admin accounts are not vulnerable. An attacker may be able to remotely access the BIG-IP host via SSH.
    Severity
    No CVSS data available.
    CWE
    • default administrative password
    Assigner
    f5
    References
    URL Tags
    https://support.f5.com/csp/article/K61757346 x_refsource_CONFIRM
    http://www.securitytracker.com/id/1038569 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    F5 Networks, Inc. BIG-IP Azure cloud instance Affected: 12.0.0 to 12.1.2
    Affected: 13.0.0
    Create a notification for this product.
    Date Public
    2017-05-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T15:18:49.911Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K61757346"
              },
              {
                "name": "1038569",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038569"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "BIG-IP Azure cloud instance",
              "vendor": "F5 Networks, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.0.0 to 12.1.2"
                },
                {
                  "status": "affected",
                  "version": "13.0.0"
                }
              ]
            }
          ],
          "datePublic": "2017-05-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure instance administrative user that was created at deployment. The root and admin accounts are not vulnerable. An attacker may be able to remotely access the BIG-IP host via SSH."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "default administrative password",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-07T09:57:01.000Z",
            "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
            "shortName": "f5"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K61757346"
            },
            {
              "name": "1038569",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038569"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "f5sirt@f5.com",
              "ID": "CVE-2017-6131",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "BIG-IP Azure cloud instance",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "12.0.0 to 12.1.2"
                              },
                              {
                                "version_value": "13.0.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "F5 Networks, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure instance administrative user that was created at deployment. The root and admin accounts are not vulnerable. An attacker may be able to remotely access the BIG-IP host via SSH."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "default administrative password"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.f5.com/csp/article/K61757346",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K61757346"
                },
                {
                  "name": "1038569",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038569"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "assignerShortName": "f5",
        "cveId": "CVE-2017-6131",
        "datePublished": "2017-05-23T15:00:00.000Z",
        "dateReserved": "2017-02-21T00:00:00.000Z",
        "dateUpdated": "2024-08-05T15:18:49.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-6131 (GCVE-0-2017-6131)

    Vulnerability from cvelistv5 – Published: 2017-05-23 15:00 – Updated: 2024-08-05 15:18
    VLAI
    Summary
    In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure instance administrative user that was created at deployment. The root and admin accounts are not vulnerable. An attacker may be able to remotely access the BIG-IP host via SSH.
    Severity
    No CVSS data available.
    CWE
    • default administrative password
    Assigner
    f5
    References
    URL Tags
    https://support.f5.com/csp/article/K61757346 x_refsource_CONFIRM
    http://www.securitytracker.com/id/1038569 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    F5 Networks, Inc. BIG-IP Azure cloud instance Affected: 12.0.0 to 12.1.2
    Affected: 13.0.0
    Create a notification for this product.
    Date Public
    2017-05-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T15:18:49.911Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K61757346"
              },
              {
                "name": "1038569",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038569"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "BIG-IP Azure cloud instance",
              "vendor": "F5 Networks, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.0.0 to 12.1.2"
                },
                {
                  "status": "affected",
                  "version": "13.0.0"
                }
              ]
            }
          ],
          "datePublic": "2017-05-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure instance administrative user that was created at deployment. The root and admin accounts are not vulnerable. An attacker may be able to remotely access the BIG-IP host via SSH."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "default administrative password",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-07T09:57:01.000Z",
            "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
            "shortName": "f5"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K61757346"
            },
            {
              "name": "1038569",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038569"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "f5sirt@f5.com",
              "ID": "CVE-2017-6131",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "BIG-IP Azure cloud instance",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "12.0.0 to 12.1.2"
                              },
                              {
                                "version_value": "13.0.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "F5 Networks, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure instance administrative user that was created at deployment. The root and admin accounts are not vulnerable. An attacker may be able to remotely access the BIG-IP host via SSH."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "default administrative password"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.f5.com/csp/article/K61757346",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K61757346"
                },
                {
                  "name": "1038569",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038569"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "assignerShortName": "f5",
        "cveId": "CVE-2017-6131",
        "datePublished": "2017-05-23T15:00:00.000Z",
        "dateReserved": "2017-02-21T00:00:00.000Z",
        "dateUpdated": "2024-08-05T15:18:49.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }