Sensitive File Overwrite Vulnerability in BIG-IP by F5 Networks
CVE-2019-6617
Key Information:
- Vendor: F5
- CVE Published: 3 May 2019
Summary
On certain versions of BIG-IP by F5 Networks, a user assigned the Resource Administrator role can use SFTP to overwrite sensitive low-level files, such as '/etc/passwd'. This works without Advanced Shell access, which contravenes the restrictions defined for the Resource Administrator role. The flaw exposes critical system files to unauthorized modification, potentially leading to unauthorized access and privilege escalation.
Affected Version(s)
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) 14.0.0-14.1.0.1
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) 13.0.0-13.1.1.4
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) 12.1.0-12.1.4