BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 2000, 4000, 5000, 7000, and 10000 platforms do not properly sync passwords with the Always-On Management (AOM) subsystem, which might allow remote malicious users to obtain login access to AOM via an (1) expired or (2) default password.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 big-ip domain name system 12.0.0 |
||
f5 big-ip application acceleration manager 12.0.0 |
||
f5 big-ip link controller 12.0.0 |
||
f5 big-ip policy enforcement manager 12.0.0 |
||
f5 big-ip advanced firewall manager 12.0.0 |
||
f5 big-ip local traffic manager 12.0.0 |
||
f5 big-ip access policy manager 12.0.0 |
||
f5 big-ip application security manager 12.0.0 |
||
f5 big-ip analytics 12.0.0 |