Published: 10/05/2021 Updated: 10/05/2021

Vulnerability Summary

On version 15.1.x prior to 15.1.3, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.4, 12.1.x prior to 12.1.6, and all versions of 16.0.x and 11.6.x., BIG-IP APM AD (Active Directory) authentication can be bypassed via a spoofed AS-REP (Kerberos Authentication Service Response) response sent over a hijacked KDC (Kerberos Key Distribution Center) connection or from an AD server compromised by an attacker. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Recent Articles

F5 Big-IP Vulnerable to Security-Bypass Bug
Threatpost • Tara Seals • 29 Apr 2021

F5 Networks’ Big-IP Application Delivery Services appliance contains a Key Distribution Center (KDC) spoofing vulnerability, researchers disclosed – which an attacker could use to get past the security measures that protect sensitive workloads.
Specifically, an attacker could exploit the flaw (tracked as CVE-2021-23008) to bypass Kerberos security and sign into the Big-IP Access Policy Manager, according to researchers at Silverfort. Kerberos is a network authentication protocol that...