Windows Logon Integration Vulnerability in F5 BIG-IP APM Client
CVE-2018-5547

7.8 HIGH

Key Information:

Vendor:
F5
CVE Published:
17 August 2018

Summary

The F5 BIG-IP APM client for Windows prior to version 7.1.7.1 uses the Legacy logon mode by default, which relies on the SYSTEM account for network access. In this mode, a certificate user interface dialog box is displayed that contains a link to the certificate policy. An unprivileged user who clicks this link can open additional dialog boxes, which may expose the local machine's Windows Explorer and allow the user to obtain administrative privileges. The vulnerability applies specifically when an administrator has installed the APM client on user machines, which allows local users to exploit it.

Affected Version(s)

BIG-IP APM client for Windows, prior to version 7.1.7.1

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability reserved