cpe:/a:f5:big-ip_application_security_manager:9.2.0 cpe:/a:f5:big-ip_application_security_manager:9.2.0:hf4 cpe:/a:f5:big-ip_application_security_manager:9.4.4 cpe:/a:f5:big-ip_application_security_manager:9.4.5 cpe:/a:f5:big-ip_application_security_manager:9.4.6 cpe:/a:f5:big-ip_application_security_manager:9.4.7 cpe:/a:f5:big-ip_application_security_manager:9.4.8 cpe:/a:f5:big-ip_application_security_manager:10.0.0 cpe:/a:f5:big-ip_application_security_manager:10.0.1 cpe:/a:f5:big-ip_application_security_manager:10.2.3:hf1 cpe:/a:f5:big-ip_application_security_manager:11.0.0 cpe:/a:f5:big-ip_application_security_manager:11.0.0:hf1 cpe:/a:f5:big-ip_application_security_manager:11.1.0 cpe:/a:f5:big-ip_application_security_manager:11.1.0:hf2 cpe:/a:f5:big-ip_global_traffic_manager cpe:/a:f5:big-ip_global_traffic_manager:9.2.2 cpe:/a:f5:big-ip_global_traffic_manager:9.4.8:hf4 cpe:/a:f5:big-ip_global_traffic_manager:10.0.0 cpe:/a:f5:big-ip_global_traffic_manager:10.2.3:hf1 cpe:/a:f5:big-ip_global_traffic_manager:11.0.0 cpe:/a:f5:big-ip_global_traffic_manager:11.0.0:hf1 cpe:/a:f5:big-ip_global_traffic_manager:11.1.0 cpe:/a:f5:big-ip_global_traffic_manager:11.1.0:hf2 cpe:/a:f5:big-ip_local_traffic_manager cpe:/a:f5:big-ip_local_traffic_manager:9.0.0 cpe:/a:f5:big-ip_local_traffic_manager:9.4.8:hf4 cpe:/a:f5:big-ip_local_traffic_manager:10.0.0 cpe:/a:f5:big-ip_local_traffic_manager:10.2.3:hf1 cpe:/a:f5:big-ip_local_traffic_manager:11.0.0 cpe:/a:f5:big-ip_local_traffic_manager:11.0.0:hf1 cpe:/a:f5:big-ip_local_traffic_manager:11.1.0 cpe:/a:f5:big-ip_local_traffic_manager:11.1.0:hf2 cpe:/a:f5:enterprise_manager:::virtual cpe:/a:f5:enterprise_manager:1.0::virtual cpe:/a:f5:enterprise_manager:2.0::virtual cpe:/a:f5:enterprise_manager:2.1.0::virtual cpe:/a:f5:enterprise_manager:2.1.0:hf1:virtual cpe:/a:f5:enterprise_manager:2.2.0::virtual cpe:/a:f5:enterprise_manager:2.3.0::virtual cpe:/a:f5:enterprise_manager:2.3.0:hf2:virtual cpe:/h:f5:big-ip_1000 cpe:/h:f5:big-ip_11000 cpe:/h:f5:big-ip_11050 cpe:/h:f5:big-ip_1500 cpe:/h:f5:big-ip_1600 cpe:/h:f5:big-ip_2400 cpe:/h:f5:big-ip_3400 cpe:/h:f5:big-ip_3410 cpe:/h:f5:big-ip_3600 cpe:/h:f5:big-ip_3900 cpe:/h:f5:big-ip_4100 cpe:/h:f5:big-ip_5100 cpe:/h:f5:big-ip_5110 cpe:/h:f5:big-ip_6400 cpe:/h:f5:big-ip_6800 cpe:/h:f5:big-ip_6900 cpe:/h:f5:big-ip_8400 cpe:/h:f5:big-ip_8800 cpe:/h:f5:big-ip_8900 cpe:/h:f5:big-ip_8950 cpe:/h:f5:enterprise_manager cpe:/h:f5:enterprise_manager:1.0 cpe:/h:f5:enterprise_manager:2.0 cpe:/h:f5:enterprise_manager:2.1.0 cpe:/h:f5:enterprise_manager:2.1.0:hf1 cpe:/h:f5:enterprise_manager:2.2.0 cpe:/h:f5:enterprise_manager:2.3.0 cpe:/h:f5:enterprise_manager:2.3.0:hf2 cpe:/o:f5:tmos cpe:/o:f5:tmos:2.0 cpe:/o:f5:tmos:4.0 cpe:/o:f5:tmos:4.2 cpe:/o:f5:tmos:4.3 cpe:/o:f5:tmos:4.4 cpe:/o:f5:tmos:4.5 cpe:/o:f5:tmos:4.5.6 cpe:/o:f5:tmos:4.5.9 cpe:/o:f5:tmos:4.5.10 cpe:/o:f5:tmos:4.5.11 cpe:/o:f5:tmos:4.5.12 cpe:/o:f5:tmos:4.6 cpe:/o:f5:tmos:4.6.2 cpe:/o:f5:tmos:9.0 cpe:/o:f5:tmos:9.0.1 cpe:/o:f5:tmos:9.0.2 cpe:/o:f5:tmos:9.0.3 cpe:/o:f5:tmos:9.0.4 cpe:/o:f5:tmos:9.0.5 cpe:/o:f5:tmos:9.1 cpe:/o:f5:tmos:9.1.1 cpe:/o:f5:tmos:9.1.2 cpe:/o:f5:tmos:9.1.3 cpe:/o:f5:tmos:9.2 cpe:/o:f5:tmos:9.2.2 cpe:/o:f5:tmos:9.2.3 cpe:/o:f5:tmos:9.2.4 cpe:/o:f5:tmos:9.2.5 cpe:/o:f5:tmos:9.3 cpe:/o:f5:tmos:9.3.1 cpe:/o:f5:tmos:9.4 cpe:/o:f5:tmos:9.4.1 cpe:/o:f5:tmos:9.4.2 cpe:/o:f5:tmos:9.4.3 cpe:/o:f5:tmos:9.4.4 cpe:/o:f5:tmos:9.4.5 cpe:/o:f5:tmos:9.4.6 cpe:/o:f5:tmos:9.4.7 cpe:/o:f5:tmos:9.4.8 cpe:/o:f5:tmos:9.6.0 cpe:/o:f5:tmos:9.6.1 cpe:/o:f5:tmos:10.0.0 cpe:/o:f5:tmos:10.0.1 cpe:/o:f5:tmos:10.1.0 cpe:/o:f5:tmos:10.2.0 CVE-2012-1493 2012-07-09T18:55:00.887-04:00 2012-07-10T00:00:00.000-04:00 7.8 NETWORK LOW NONE COMPLETE NONE NONE http://nvd.nist.gov 2012-07-10T10:52:00.000-04:00 CONFIRM http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html MISC http://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/ MISC https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb MISC https://www.trustmatta.com/advisories/MATTA-2012-002.txt F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.