Security Bypass in F5 BIG-IP Affected Products
CVE-2018-15321

4.9MEDIUM

Key Information:

Vendor
F5
Status
Big-ip (ltm, Aam, Afm, Analytics, Apm, Asm, Dns, Edge Gateway, Fps, Gtm, Link Controller, Pem, Webaccelerator), Big-iq Centralized Management, Big-iq Cloud And Orchestration, Iworkflow, Enterprise Manager
Vendor
CVE Published:
31 October 2018

Summary

A vulnerability exists in F5 BIG-IP products, where users with admin or resource administrator roles, when granted TMSH access, can bypass Appliance Mode restrictions. This allows them to overwrite critical system files, thereby circumventing established security measures that limit TMSH command execution. Attackers with high privilege levels can exploit this flaw, leading to significant risks to the integrity and security of the affected systems.

Affected Version(s)

BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, iWorkflow, Enterprise Manager 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6

References

https://support.f5.com/csp/article/K01067037
x_refsource_CONFIRM

CVSS V3.1

Score:
4.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.