CVE-2023-45226

The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those containers. This is only exposed when ssh debug is enabled. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CVSS v3 7.4 HIGH

7.4^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://my.f5.com/manage/s/article/K000135874	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:1.5.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-10-10 13:15

Updated : 2023-10-18 01:27

NVD link : CVE-2023-45226

Mitre link : CVE-2023-45226

CVE.ORG link : CVE-2023-45226

JSON object : View

Products Affected

f5

big-ip_next_service_proxy_for_kubernetes

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2023-45226", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "f5sirt@f5.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.2}]}, "published": "2023-10-10T13:15:22.383", "references": [{"url": "https://my.f5.com/manage/s/article/K000135874", "tags": ["Vendor Advisory"], "source": "f5sirt@f5.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "f5sirt@f5.com", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "\nThe BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those containers. This is only exposed when ssh debug is enabled.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"}, {"lang": "es", "value": "Los contenedores BIG-IP SPK TMM (M\u00f3dulo de gesti\u00f3n de tr\u00e1fico) f5-debug-sidecar y f5-debug-sshd contienen credenciales codificadas que pueden permitir que un atacante con la capacidad de interceptar el tr\u00e1fico, se haga pasar por el servidor SPK Secure Shell (SSH) en esos contenedores. Esto s\u00f3lo se expone cuando la depuraci\u00f3n ssh est\u00e1 habilitada. Nota: Las versiones de software que han llegado al End of Technical Support (EoTS) no se eval\u00faan"}], "lastModified": "2023-10-18T01:27:45.367", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:1.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7120EAB7-4BAE-4ECB-9613-91132FB1EEAD"}], "operator": "OR"}]}], "sourceIdentifier": "f5sirt@f5.com"}