Local Privilege Escalation in F5 FirePass Products
CVE-2012-2053
Currently unrated
Summary
The sudoers file in F5 FirePass versions 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing commands as root. This lack of authentication can be exploited by local users, allowing them to elevate their privileges using the sudo program. Specifically, the vulnerability can be demonstrated through user accounts that execute PHP scripts, creating a security risk that needs to be addressed to mitigate unauthorized access.
References
Timeline
Vulnerability published
Vulnerability Reserved