In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure instance administrative user that was created at deployment. The root and admin accounts are not vulnerable. An attacker may be able to remotely access the BIG-IP host via SSH.

In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure instance administrative user that was created at deployment. The root and admin accounts are not vulnerable. An attacker may be able to remotely access the BIG-IP host via SSH.

Уязвимость облачной службы Azure средства защиты приложений BIG-IP Application Security Manager, средства контроля доступа и удаленной аутентификации BIG-IP Access Policy Manager, системы балансировки интернет-трафика BIG-IP Link Controller, системы контроля и управления сетевым трафиком BIG-IP Policy Enforcement Manager, системы балансировки локального трафика BIG-IP Local Traffic Manager, DNS-сервера BIG-IP DNS, средства защиты веб-сервисов BIG-IP WebSafe, межсетевого экрана BIG-IP Advanced Firewall Manager и средства доставки приложений BIG-IP Application Acceleration Manager, позволяющая нарушителю получить доступ к хосту BIG-IP