BIG-IP network appliances remote access vulnerability CVE-2012-1493

http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.html

"A platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect."

F5 really outdid themselves on this one. They left a default ssh authorized key for root on all their devices.

We applied the id379600 fix which basically generated a new key and removes the default one on our F5 devices.

Thanks,
ep