On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, SNMP exposes sensitive configuration objects over insecure transmission channels. This issue is exposed when a passphrase is inserted into various profile types and accessed using SNMPv2.
Weakness
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Big-ip_local_traffic_manager | F5 | 11.5.1 (including) | 11.5.9 (excluding) |
| Big-ip_local_traffic_manager | F5 | 11.6.1 (including) | 11.6.3 (excluding) |
| Big-ip_local_traffic_manager | F5 | 12.1.0 (including) | 12.1.4.1 (excluding) |
| Big-ip_local_traffic_manager | F5 | 13.0.0 (including) | 13.1.1.5 (excluding) |
| Big-ip_local_traffic_manager | F5 | 14.0.0 (including) | 14.0.0.5 (excluding) |
| Big-ip_local_traffic_manager | F5 | 14.1.0 (including) | 14.1.0.6 (excluding) |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/102.html
- https://cwe.mitre.org/data/definitions/117.html
- https://cwe.mitre.org/data/definitions/383.html
- https://cwe.mitre.org/data/definitions/477.html
- https://cwe.mitre.org/data/definitions/65.html
References
- http://www.securityfocus.com/bid/109089
- https://support.f5.com/csp/article/K40443301
- https://support.f5.com/csp/article/K40443301?utm_source=f5support\u0026amp%3Butm_medium=RSS
- http://www.securityfocus.com/bid/109089
- https://support.f5.com/csp/article/K40443301
- https://support.f5.com/csp/article/K40443301?utm_source=f5support\u0026amp%3Butm_medium=RSS