漏洞标题
N/A
漏洞描述信息
在F5 BIG-IP LTM、分析、APM、ASM和Link Controller 11.2.1之前 HF16、11.4.x、11.5.x在11.5.4 HF2、11.6.x在11.6.1和12.x在12.0.0 HF2之前; BIG-IP AAM、AFM和PEM 11.4.x、11.5.x在11.5.4 HF2、11.6.x在11.6.1和12.x在12.0.0 HF2之前; BIG-IP DNS 12.x在12.0.0 HF2之前; BIG-IP Edge Gateway、WebAccelerator和WOM 11.2.1在HF16之前; BIG-IP GTM 11.2.1在HF16、11.4.x、11.5.x在11.5.4 HF2、和11.6.x在11.6.1之前;以及 BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
多款F5产品安全漏洞
漏洞描述信息
F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的多合一网络设备。 多款F5产品的BIG-IP IPsec IKE peer监听器的默认配置存在安全漏洞,该漏洞源于程序没有正确启用匿名IPsec IKE peer配置对象。远程攻击者可利用该漏洞建立IKE peer第一阶段协商,也可能实施暴力攻击第二阶段的协商。以下产品和版本受到影响:F5 BIG-IP LTM, Analytics, APM, ASM和Link Controller HF16之前的11.2.1版本
CVSS信息
N/A
漏洞类别
授权问题