CVE-2023-45226

The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those containers. This is only exposed when ssh debug is enabled. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CVSS v3 7.4 HIGH

7.4^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://my.f5.com/manage/s/article/K000135874	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:1.5.0:*:*:*:*:*:*:*

History

18 Oct 2023, 01:27

Type	Values Removed	Values Added
References	~~(MISC) https://my.f5.com/manage/s/article/K000135874 -~~	(MISC) https://my.f5.com/manage/s/article/K000135874 - Vendor Advisory
First Time		F5 F5 big-ip Next Service Proxy For Kubernetes
CPE		cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:1.5.0:::::::*

10 Oct 2023, 13:41

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-10-10 13:15

Updated : 2023-12-10 15:14

NVD link : CVE-2023-45226

Mitre link : CVE-2023-45226

CVE.ORG link : CVE-2023-45226

JSON object : View

Products Affected

f5

big-ip_next_service_proxy_for_kubernetes

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2023-45226", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "f5sirt@f5.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.2}]}, "published": "2023-10-10T13:15:22.383", "references": [{"url": "https://my.f5.com/manage/s/article/K000135874", "tags": ["Vendor Advisory"], "source": "f5sirt@f5.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "f5sirt@f5.com", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "\nThe BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those containers. This is only exposed when ssh debug is enabled.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"}, {"lang": "es", "value": "Los contenedores BIG-IP SPK TMM (M\u00f3dulo de gesti\u00f3n de tr\u00e1fico) f5-debug-sidecar y f5-debug-sshd contienen credenciales codificadas que pueden permitir que un atacante con la capacidad de interceptar el tr\u00e1fico, se haga pasar por el servidor SPK Secure Shell (SSH) en esos contenedores. Esto s\u00f3lo se expone cuando la depuraci\u00f3n ssh est\u00e1 habilitada. Nota: Las versiones de software que han llegado al End of Technical Support (EoTS) no se eval\u00faan"}], "lastModified": "2023-10-18T01:27:45.367", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:1.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7120EAB7-4BAE-4ECB-9613-91132FB1EEAD"}], "operator": "OR"}]}], "sourceIdentifier": "f5sirt@f5.com"}