Lucene search
PRIOn knowledge basePRION:CVE-2021-23008HistoryMay 10, 2021 - 2:15 p.m.
Authentication flaw
2021-05-1014:15:00
PRIOn knowledge base
www.prio-n.com
5
On version 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and all versions of 16.0.x and 11.6.x., BIG-IP APM AD (Active Directory) authentication can be bypassed via a spoofed AS-REP (Kerberos Authentication Service Response) response sent over a hijacked KDC (Kerberos Key Distribution Center) connection or from an AD server compromised by an attacker. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
Related
cvelist
cvelist
CVE-2021-23008
2021-05-10 13:13:35
nvd
nvd
CVE-2021-23008
2021-05-10 14:15:07
nessus
nessus
F5 Networks BIG-IP : BIG-IP APM AD authentication vulnerability (K51213246)
2021-04-29 00:00:00
cve
cve
CVE-2021-23008
2021-05-10 14:15:07
threatpost
threatpost
F5 Big-IP Vulnerable to Security-Bypass Bug
2021-04-29 20:04:55
Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices
2021-04-30 11:49:34
f5
f5
K51213246 : BIG-IP APM AD authentication vulnerability CVE-2021-23008
2021-04-28 00:00:00
K96639388 : Overview of F5 vulnerabilities (April 2021)
2021-04-28 00:00:00
thn
thn
F5 BIG-IP Found Vulnerable to Kerberos KDC Spoofing Vulnerability
2021-04-28 13:00:00