| code | #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution K23520761.
#
# The text description of this plugin is (C) F5 Networks.
#
include("compat.inc");
if (description)
{
script_id(118645);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/09");
script_cve_id("CVE-2018-5505");
script_name(english:"F5 Networks BIG-IP : BIG-IP ASM and BIG-IP AFM/BIG-IP Analytics vulnerability (K23520761)");
script_summary(english:"Checks the BIG-IP version.");
script_set_attribute(
attribute:"synopsis",
value:"The remote device is missing a vendor-supplied security patch."
);
script_set_attribute(
attribute:"description",
value:
"On F5 BIG-IP 13.1.0 - 13.1.0.3, when ASM and one or more of these
modules (AFM/AVR) are provisioned, the Traffic Management Microkernel
(TMM) may restart while processing DNS requests when thevirtual server
is configured with a DNS profile and the Protocol setting is set to
TCP . (CVE-2018-5505)
Note : The BIG-IP Analytics (AVR) module isautomatically enabled when
BIG-IP AFM is provisioned.
Impact
An attacker may be able to execute a remote denial of service.
Disabling any of the components mentioned in the description (for
example, removing the DNS profile from the virtual server) avoids the
issue. Virtual servers configured with UDP forthe Protocol setting are
not affected."
);
script_set_attribute(
attribute:"see_also",
value:"https://support.f5.com/csp/article/K23520761"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade to one of the non-vulnerable versions listed in the F5
Solution K23520761."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/22");
script_set_attribute(attribute:"patch_publication_date", value:"2018/03/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/11/02");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"F5 Networks Local Security Checks");
script_dependencies("f5_bigip_detect.nbin");
script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version");
exit(0);
}
include("f5_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
version = get_kb_item("Host/BIG-IP/version");
if ( ! version ) audit(AUDIT_OS_NOT, "F5 Networks BIG-IP");
if ( isnull(get_kb_item("Host/BIG-IP/hotfix")) ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/hotfix");
if ( ! get_kb_item("Host/BIG-IP/modules") ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/modules");
sol = "K23520761";
vmatrix = make_array();
# AFM
vmatrix["AFM"] = make_array();
vmatrix["AFM"]["affected" ] = make_list("13.1.0");
vmatrix["AFM"]["unaffected"] = make_list("14.0.0","13.1.1","13.1.0.4");
# ASM
vmatrix["ASM"] = make_array();
vmatrix["ASM"]["affected" ] = make_list("13.1.0");
vmatrix["ASM"]["unaffected"] = make_list("14.0.0","13.1.1","13.1.0.4");
if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = bigip_get_tested_modules();
audit_extra = "For BIG-IP module(s) " + tested + ",";
if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
else audit(AUDIT_HOST_NOT, "running any of the affected modules AFM / ASM");
}
|