The BIG-IP system is designed to be highly available and resilient, but undisclosed requests can cause the system to terminate. Unauthorized users cannot access the system and cause a Denial of Service (DoS) attack to the business. For example, users might send unauthorized requests with invalid IP addresses, invalid characters, or malicious URLs. Unauthorized users might also send invalid requests to test the security policy. Unauthorized users might also send invalid requests to force a system restart. Unauthorized users might also send invalid requests to find out when the system restarts. Unauthorized users might also send invalid requests to track the system performance.

CVE-2019-5400

The BIG-IP system is designed to be highly available and resilient, but undisclosed requests can cause the system to terminate. Unauthorized users cannot access the system and cause a Denial of Service (DoS) attack to the business. For example, users might send unauthorized requests with invalid IP addresses, invalid characters, or malicious URLs. Unauthorized users might also send invalid requests to test the security policy. Unauthorized users might also send invalid requests to force a system restart. Unauthorized users might also send invalid requests to find out when the system restarts. Unauthorized users might also send invalid requests to track the system performance.

Overview of BIG-IP Vulnerability


The BIG-IP system is designed to be highly available and resilient, but undisclosed requests can cause the system to terminate. Unauthorized users cannot access the system and cause a Denial of Service (DoS) attack to the business. For example, users might send unauthorized requests with invalid IP addresses, invalid characters, or malicious URLs. Unauthorized users might also send invalid requests to test the security policy. Unauthorized users might also send invalid requests to force a system restart. Unauthorized users might also send invalid requests to find out when the system restarts. Unauthorized users might also send invalid requests to track the system performance.
Unauthorized users might also send an HTTP POST request with a string of text as its body to trigger this vulnerability. This string of text contains an embedded URL that redirects to a file on the BIG-IP server in order for the bigip_main module process root commands with HIGH privileges by exploiting two vulnerabilities: CVE-2018-16761 and CVE-2019-3115.

Vulnerability Finding Process

To find vulnerabilities in a system, analysts first use vulnerability scanners to check for potential issues. These tools are usually web-based. It is not possible to list all the vulnerabilities that might exist in a system because it is likely that the list would be too long. The analyst then conducts research on the system and uses knowledge of software and hardware components to narrow down the field of potential vulnerabilities.
After narrowing the field, security professionals perform vulnerability analysis on systems using automated fuzzing tools. These tools mimic human behavior in an attempt to cause errors or flaws in software and hardware. The identified vulnerabilities can then be confirmed by manual means such as penetration testing, source code review, or reverse engineering.

Vulnerability Description and Scope

The BIG-IP system is vulnerable to unauthorized users, which can cause a Denial of Service (DoS) attack if they send an invalid request. Unauthorized users might send invalid requests to the system and cause the system to terminate unexpectedly.

Timeline

Published on: 10/19/2022 22:15:00 UTC
Last modified on: 10/23/2022 02:11:00 UTC

References