安全研究
安全漏洞
F5多个网络产品本地信息泄露漏洞(CVE-2013-6024)
发布日期:2019-06-20
更新日期:2019-06-20
受影响系统:
F5 FirePass 7.0不受影响系统:
F5 FirePass 6.1
F5 FirePass 6.0
F5 BIG-IP APM 11.4.1
F5 BIG-IP APM 11.4.1
F5 BIG-IP APM 11.4.0
F5 BIG-IP APM 11.4.0
F5 BIG-IP APM 11.3.0 HF4
F5 BIG-IP APM 11.3.0 HF4
F5 BIG-IP APM 11.3.0
F5 BIG-IP APM 11.3.0
F5 BIG-IP APM 11.2.1 HF5
F5 BIG-IP APM 11.2.1 HF5
F5 BIG-IP APM 11.2.1 HF3
F5 BIG-IP APM 11.2.1 HF3
F5 BIG-IP APM 11.2.1 HF2
F5 BIG-IP APM 11.2.1 HF2
F5 BIG-IP APM 11.2.1 HF1
F5 BIG-IP APM 11.2.1 HF1
F5 BIG-IP APM 11.2.1
F5 BIG-IP APM 11.2.1
F5 BIG-IP APM 11.2.0 HF5
F5 BIG-IP APM 11.2.0 HF5
F5 BIG-IP APM 11.2.0 HF3
F5 BIG-IP APM 11.2.0 HF3
F5 BIG-IP APM 11.2.0 HF2
F5 BIG-IP APM 11.2.0 HF2
F5 BIG-IP APM 11.2
F5 BIG-IP APM 11.2
F5 BIG-IP APM 11.1.0 HF7
F5 BIG-IP APM 11.1.0 HF7
F5 BIG-IP APM 11.1.0
F5 BIG-IP APM 11.1.0
F5 BIG-IP APM 11.0
F5 BIG-IP APM 11.0
F5 BIG-IP APM 10.2.4
F5 BIG-IP APM 10.2.4
F5 BIG-IP APM 10.2.2
F5 BIG-IP APM 10.2.2
F5 BIG-IP APM 10.1
F5 BIG-IP APM 10.1
F5 BIG-IP Edge Gateway 11.4.1
F5 BIG-IP Edge Gateway 11.4.1
F5 BIG-IP Edge Gateway 11.3.0 HF4
F5 BIG-IP Edge Gateway 11.3.0 HF4
F5 BIG-IP Edge Gateway 11.2.1 HF5
F5 BIG-IP Edge Gateway 11.2.1 HF5
F5 BIG-IP Edge Gateway 11.2.1 HF3
F5 BIG-IP Edge Gateway 11.2.1 HF3
F5 BIG-IP Edge Gateway 11.2.1 HF2
F5 BIG-IP Edge Gateway 11.2.1 HF2
F5 BIG-IP Edge Gateway 11.2.1
F5 BIG-IP Edge Gateway 11.2.1
F5 BIG-IP Edge Gateway 11.2.0 HF5
F5 BIG-IP Edge Gateway 11.2.0 HF5
F5 BIG-IP Edge Gateway 11.2 HF3
F5 BIG-IP Edge Gateway 11.2 HF3
F5 BIG-IP Edge Gateway 11.2
F5 BIG-IP Edge Gateway 11.2
F5 BIG-IP Edge Gateway 11.1.0 HF7
F5 BIG-IP Edge Gateway 11.1.0 HF7
F5 BIG-IP Edge Gateway 11.1
F5 BIG-IP Edge Gateway 11.1
F5 BIG-IP Edge Gateway 11.0
F5 BIG-IP Edge Gateway 11.0
F5 BIG-IP Edge Gateway 10.2.4
F5 BIG-IP Edge Gateway 10.2.4
F5 BIG-IP Edge Gateway 10.2.2
F5 BIG-IP Edge Gateway 10.2.2
F5 BIG-IP Edge Gateway 10.1
F5 BIG-IP Edge Gateway 10.1
F5 BIG-IP APM 11.5.0描述:
F5 BIG-IP Edge Gateway 11.5
BUGTRAQ ID: 65422
CVE(CAN) ID: CVE-2013-6024
F5 网络公司是一家专注于应用服务和应用交付网络的全球性公司。
F5 BIG-IP APM 10.x,11.x,12.x,13.x和14.x,BIG-IP Edge Gateway 10.x和11.x以及FirePass 7.0.0中的Edge Client组件允许攻击者通过未指定的向量从进程内存中获取敏感信息。
本地攻击者可以利用此问题获取敏感信息。获得的信息可能导致进一步的攻击。
<*来源:Verizon企业解决方案部(GCIS威胁和漏洞管理)的Giorgio Casali和Simone Cecchini
链接:https://support.f5.com/csp/article/K14969?sr=34905674-
*>
建议:
厂商补丁:
F5
--
F5已经为此发布了一个安全公告(K14969)以及相应补丁:
K14969:BIG-IP Edge and FirePass client information leakage vulnerability
链接:https://support.f5.com/csp/article/K14969?sr=34905674-
补丁下载:
浏览次数:2630
严重程度:0(网友投票)
绿盟科技给您安全的保障