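| Title | Authentication vulnerability in multiple F5 Networks products |
|---|---|
| Summary | Multiple F5 Networks products, including BIG-IP Access Policy Manager (APM), BIG-IP Advanced Firewall Manager (AFM), and BIG-IP Advanced Web Application Firewall (WAF), contain an authentication vulnerability. |
| Possible impacts | Information may be disclosed, and information may be tampered with. |
| Solution | The vendor has released an official fix. Refer to the vendor information and apply the appropriate measures. |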
| Publication Date | Aug. 2, 2023, midnight |
| Registration Date | Jan. 18, 2024, 4:30 p.m. |
| Last Update | Jan. 18, 2024, 4:30 p.m. |
| CVSS3.0 : Warning | |
|---|---|
| Score | 6.1 |
| Vector | CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
| F5 Networks |
| BIG-IP 10200v-F firmware |
| BIG-IP 10350v-F firmware |
| BIG-IP 5250v-F firmware |
| BIG-IP 6900-F firmware |
| BIG-IP 7200v-F firmware |
| BIG-IP 8900-F firmware |
| BIG-IP Access Policy Manager (APM) 15.1.0 |
| BIG-IP Access Policy Manager (APM) 13.1.0 or later and earlier than 13.1.4 |
| BIG-IP Access Policy Manager (APM) 14.1.0 or later and earlier than 14.1.4 |
| BIG-IP Advanced Firewall Manager (AFM) 13.1.0 or later and earlier than 13.1.4 |
| BIG-IP Advanced Firewall Manager (AFM) 14.1.0 or later and earlier than 14.1.4 |
| BIG-IP Advanced Firewall Manager (AFM) 15.1.0 |
| BIG-IP Advanced Web Application Firewall (WAF) 13.1.0 or later and earlier than 13.1.4 |
| BIG-IP Advanced Web Application Firewall (WAF) 14.1.0 or later and earlier than 14.1.4 |
| BIG-IP Advanced Web Application Firewall (WAF) 15.1.0 |
| BIG-IP Analytics 13.1.0 or later and earlier than 13.1.4 |
| BIG-IP Analytics 14.1.0 or later and earlier than 14.1.4 |
| BIG-IP Analytics 15.1.0 |
| BIG-IP Application Acceleration Manager (AAM) 13.1.0 or later and earlier than 13.1.4 |
| BIG-IP Application Acceleration Manager (AAM) 14.1.0 or later and earlier than 14.1.4 |
| BIG-IP Application Acceleration Manager (AAM) 15.1.0 |
| BIG-IP Application Security Manager (ASM) 13.1.0 or later and earlier than 13.1.4 |
| BIG-IP Application Security Manager (ASM) 14.1.0 or later and earlier than 14.1.4 |
| BIG-IP Application Security Manager (ASM) 15.1.0 |
| BIG-IP Application Visibility and Reporting 13.1.0 or later and earlier than 13.1.4 |
| BIG-IP Application Visibility and Reporting 14.1.0 or later and earlier than 14.1.4 |
| BIG-IP Carrier-Grade Network Address Translation (CGNAT) |
| BIG-IP DDoS Hybrid Defender |
| BIG-IP Domain Name System (DNS) |
| BIG-IP Edge Gateway |
| BIG-IP Fraud Protection Service (FPS) |
| BIG-IP Global Traffic Manager (GTM) |
| BIG-IP i15820-DF firmware |
| BIG-IP i5820-DF firmware |
| BIG-IP i7820-DF firmware |
| BIG-IP Link Controller |
| BIG-IP Local Traffic Manager (LTM) |
| BIG-IP Policy Enforcement Manager (PEM) |
| BIG-IP SSL Orchestrator |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [January 18, 2024] Published | Jan. 18, 2024, 4:30 p.m. |
| Summary | The following BIG-IP hardware platforms are affected: 10350v-F, i5820-DF, i7820-DF, i15820-DF, 5250v-F, 7200v-F, 10200v-F, 6900-F, 8900-F, 11000-F, and 11050-F. The BIG-IP rSeries r5920-DF and r10920-DF are not affected, nor does the issue affect software FIPS implementations or network HSM configurations. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
|---|---|
| Publication Date | Aug. 3, 2023, 1:15 a.m. |
| Registration Date | Aug. 3, 2023, 10 a.m. |
| Last Update | Nov. 21, 2024, 5:17 p.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_link_controller:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_domain_name_system:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_analytics:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_webaccelerator:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_edge_gateway:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:* | 13.1.0 | 13.1.4 | |||
| cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:* | 14.1.0 | 14.1.4 | |||
| cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_carrier-grade_nat:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_ssl_orchestrator:15.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_websafe:15.1.0:*:*:*:*:*:*:* | |||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:o:f5:big-ip_10350v-f_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:f5:big-ip_10350v-f:-:*:*:*:*:*:*:* | ||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:o:f5:big-ip_i5820-df_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:f5:big-ip_i5820-df:-:*:*:*:*:*:*:* | ||||
| Configuration4 | or higher | or less | more than | less than | |
| cpe:2.3:o:f5:big-ip_i7820-df_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:f5:big-ip_i7820-df:-:*:*:*:*:*:*:* | ||||
| Configuration5 | or higher | or less | more than | less than | |
| cpe:2.3:o:f5:big-ip_i15820-df_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:f5:big-ip_i15820-df:-:*:*:*:*:*:*:* | ||||
| Configuration6 | or higher | or less | more than | less than | |
| cpe:2.3:o:f5:big-ip_5250v-f_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:f5:big-ip_5250v-f:-:*:*:*:*:*:*:* | ||||
| Configuration7 | or higher | or less | more than | less than | |
| cpe:2.3:o:f5:big-ip_7200v-f_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:f5:big-ip_7200v-f:-:*:*:*:*:*:*:* | ||||
| Configuration8 | or higher | or less | more than | less than | |
| cpe:2.3:o:f5:big-ip_10200v-f_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:f5:big-ip_10200v-f:-:*:*:*:*:*:*:* | ||||
| Configuration9 | or higher | or less | more than | less than | |
| cpe:2.3:o:f5:big-ip_6900-f_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:f5:big-ip_6900-f:-:*:*:*:*:*:*:* | ||||
| Configuration10 | or higher | or less | more than | less than | |
| cpe:2.3:o:f5:big-ip_8900-f_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:f5:big-ip_8900-f:-:*:*:*:*:*:*:* | ||||
| Configuration11 | or higher | or less | more than | less than | |
| cpe:2.3:o:f5:big-ip_11000-f_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:f5:big-ip_11000-f:-:*:*:*:*:*:*:* | ||||
| Configuration12 | or higher | or less | more than | less than | |
| cpe:2.3:o:f5:big-ip_11050-f_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:f5:big-ip_11050-f:-:*:*:*:*:*:*:* | ||||