PT-2017-2231 · F5 · F5 Big-Ip

Published: 2017-05-23 · Updated: 2017-07-08 · CVE-2017-6131

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

F5 BIG-IP versions 12.0.0 through 12.1.2
F5 BIG-IP version 13.0.0

Description

The issue arises due to insufficient protection of registration data, which could allow an attacker to remotely access the BIG-IP host via SSH. This affects various BIG-IP components, including Application Security Manager, Access Policy Manager, Link Controller, Policy Enforcement Manager, Local Traffic Manager, DNS, WebSafe, Advanced Firewall Manager, and Application Acceleration Manager. The impacted administrative account is the Azure instance administrative user created at deployment, while the root and admin accounts are not vulnerable.

Recommendations

For F5 BIG-IP versions 12.0.0 through 12.1.2, consider changing the default administrative password to prevent unauthorized access. For F5 BIG-IP version 13.0.0, change the default administrative password to mitigate the risk of remote access via SSH. As a temporary workaround, restrict SSH access to the BIG-IP host until the default password is changed.

Fix

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

BDU:2017-01425
CVE-2017-6131

Affected Products

F5 Big-Ip