BIG-IP SPK TMM Hardcoded Credentials in Debug SSH Containers
CVE-2023-45226 Published on October 10, 2023
BIG-IP Next SPK SSH vulnerability
The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those containers. This is only exposed when ssh debug is enabled. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Vulnerability Analysis
CVE-2023-45226 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.
Weakness Type
Use of Hard-coded Credentials
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
Products Associated with CVE-2023-45226
Want to know whenever a new CVE is published for F5 Networks Big Ip Next Service Proxy Kubernetes? stack.watch will email you.
Affected Versions
F5 BIG-IP Next SPK:- Version 1.5.0 and below 1.6.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.