Multiple F5 Networks Products CVE-2013-6024 Local Information Disclosure Vulnerability



Multiple F5 Networks Products are prone to an unspecified local information-disclosure vulnerability.

Local attackers can exploit this issue to obtain sensitive information. Information obtained may lead to further attacks.

The following products are vulnerable:

BIG-IP APM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4
BIG-IP Edge Gateway 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4
FirePass 6.0.0 through 6.1.0 and 7.0.0

Information

Bugtraq ID: 65422
Class: Design Error
CVE: CVE-2013-6024

Remote: No
Local: Yes
Published: Feb 04 2014 12:00AM
Updated: Apr 12 2019 08:00AM
Credit: Giorgio Casali and Simone Cecchini with Verizon Enterprise Solutions GCIS Threat and Vulnerability Management
Vulnerable: F5 FirePass 7.0
F5 FirePass 6.1
F5 FirePass 6.0
F5 BIG-IP Edge Gateway 11.3
F5 BIG-IP Edge Gateway 11.2.1 HF3
F5 BIG-IP Edge Gateway 11.2.1
F5 BIG-IP Edge Gateway 11.2 HF3
F5 BIG-IP Edge Gateway 11.2
F5 BIG-IP Edge Gateway 11.1
F5 BIG-IP Edge Gateway 11.0
F5 BIG-IP Edge Gateway 10.2.4
F5 BIG-IP Edge Gateway 10.2.2
F5 BIG-IP Edge Gateway 11.4.1
F5 BIG-IP Edge Gateway 11.3.0 HF4
F5 BIG-IP Edge Gateway 11.2.1 HF5
F5 BIG-IP Edge Gateway 11.2.1 HF2
F5 BIG-IP Edge Gateway 11.2.0 HF5
F5 BIG-IP Edge Gateway 11.1.0 HF7
F5 BIG-IP Edge Gateway 10.1
F5 BIG-IP APM 11.2
F5 BIG-IP APM 11.0
F5 BIG-IP APM 10.2.4
F5 BIG-IP APM 10.2.2
F5 BIG-IP APM 11.4.1
F5 BIG-IP APM 11.4.0
F5 BIG-IP APM 11.3.0 HF4
F5 BIG-IP APM 11.3.0
F5 BIG-IP APM 11.2.1 HF5
F5 BIG-IP APM 11.2.1 HF3
F5 BIG-IP APM 11.2.1 HF2
F5 BIG-IP APM 11.2.1 HF1
F5 BIG-IP APM 11.2.1
F5 BIG-IP APM 11.2.0 HF5
F5 BIG-IP APM 11.2.0 HF3
F5 BIG-IP APM 11.2.0 HF2
F5 BIG-IP APM 11.1.0 HF7
F5 BIG-IP APM 11.1.0
F5 BIG-IP APM 10.1


Not Vulnerable: F5 BIG-IP Edge Gateway 11.5
F5 BIG-IP APM 11.5.0


Exploit


Attackers require local interactive access to exploit this issue.


Source: www.securityfocus.com
Related Posts