Geeks for your information News Privacy & Security News v
F5 Big-IP Vulnerable to Security-Bypass Bug
F5 Big-IP Vulnerable to Security-Bypass Bug
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
Information  30 April 21, 09:37
Quote:F5 Networks’ Big-IP Application Delivery Services appliance contains a Key Distribution Center (KDC) spoofing vulnerability, researchers disclosed – which an attacker could use to get past the security measures that protect sensitive workloads.
 
Specifically, an attacker could exploit the flaw (tracked as CVE-2021-23008) to bypass Kerberos security and sign into the Big-IP Access Policy Manager, according to researchers at Silverfort. Kerberos is a network authentication protocol that’s designed to provide strong authentication for client/server applications by using secret-key cryptography. In some cases, the bug can be used to bypass authentication to the Big-IP admin console as well, they added.
 
In either case, a cybercriminal could gain unfettered access to Big-IP applications, without having legitimate credentials.
 
The potential impact could be significant: F5 provides enterprise networking to some of the largest tech companies in the world, including Facebook, Microsoft and Oracle, as well as to a trove of Fortune 500 companies, including some of the world’s biggest financial institutions and ISPs.
 
The vulnerability specifically exists in one of the core software components of the appliance: The Access Policy Manager (APM). It manages and enforces access policies, i.e., making sure all users are authenticated and authorized to use a given application. Silverfort researchers noted that APM is sometimes used to protect access to the Big-IP admin console too.
 
APM implements Kerberos as an authentication protocol for authentication required by an APM policy, they explained.
 
“When a user accesses an application through Big-IP, they may be presented with a captive portal and required to enter a username and password,” researchers said, in a blog posting issued on Thursday. “The username and password are verified against Active Directory with the Kerberos protocol to ensure the user is who they claim they are.”

Read more: F5 Big-IP Vulnerable to Security-Bypass Bug | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Sysinternals Suite 3.26.2026
What's New (March ...harlan4096 — 11:40
AxCrypt 3.0.0.83
AxCrypt 3.0.0.83: ...harlan4096 — 11:39
Microsoft Edge 146.0.3856.84
Version 146.0.3856...harlan4096 — 11:37
PowerToys 0.98.1
Release v0.98.1 ...harlan4096 — 11:37
Opera 129.0.5823.28
Hello! A new Op...harlan4096 — 11:36

[-]
Birthdays
Today's Birthdays
avatar (46)qaqapeti
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>