Summary
This F5 Networks system still has the default
password set for the support user account. This
account normally provides read/write access to the web configuration utility. An attacker could take
advantage of this to reconfigure your systems and
possibly gain shell access to the system with
super-user privileges.
Solution
Remove the support account entirely or
change the password of this account to something
that is difficult to guess.
Severity
Classification
-
CVE CVE-1999-0508 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apple Safari 'Webkit' Multiple Vulnerabilities -01 Feb15 (Mac OS X)
- Adobe LiveCycle Designer Untrusted Search Path Vulnerability (Windows)
- Apple Safari 'setInterval()' Address Bar Spoofing Vulnerability (Win)
- Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)