F5 Networks BIG-IP : SNMP vulnerability (K27400151)

medium Nessus Plugin ID 124420

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

SNMP may expose sensitive configuration objects over insecure transmission channels. This issue is exposed when a passphrase is used with various profile types and is accessed using SNMPv2.
(CVE-2019-6613)

Impact

An attacker with direct SNMP access to a BIG-IP system or an attacker with a privileged network position (Man-in-the-Middle) may be able to obtain the passphrases used within configuration profiles. Default configurations would not expose this issue, as remote SNMP access is disallowed by default.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K27400151.

See Also

https://my.f5.com/manage/s/article/K27400151

Plugin Details

Severity: Medium

ID: 124420

File Name: f5_bigip_SOL27400151.nasl

Version: 1.4

Type: local

Published: 5/1/2019

Updated: 11/2/2023

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2019-6613

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_domain_name_system, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip

Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version

Exploit Ease: No known exploits are available

Patch Publication Date: 4/30/2019

Vulnerability Publication Date: 5/3/2019

Reference Information

CVE: CVE-2019-6613