All the vulnerabilites related to f5 - big-iq_cloud_and_orchestration
Vulnerability from fkie_nvd
Published
2016-01-12 20:59
Modified
2024-11-21 02:36
Severity ?
Summary
dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager11.2.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96D10DFA-DA4D-4A57-AE06-57D9886A6F67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "dcoep en BIG-IP LTM, Analytics, APM, ASM y Link Controller 11.2.0 hasta la versi\u00f3n 11.6.0 y 12.0.0 en versiones anteriores a 12.0.0 HF1, BIG-IP AAM 11.4.0 hasta la versi\u00f3n 11.6.0 y 12.0.0 en versiones anteriores a 12.0.0 HF1, BIG-IP AFM y PEM 11.3.0 hasta la versi\u00f3n 11.6.0 y 12.0.0 en versiones anteriores a 12.0.0 HF1, BIG-IP DNS 12.0.0 en versiones anteriores a 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator y WOM 11.2.0 hasta la versi\u00f3n 11.3.0, BIG-IP GTM 11.2.0 hasta la versi\u00f3n 11.6.0, BIG-IP PSM 11.2.0 hasta la versi\u00f3n 11.4.1, Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1, BIG-IQ Cloud 4.0.0 hasta la versi\u00f3n 4.5.0, BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0, BIG-IQ Security 4.0.0 hasta la versi\u00f3n 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0 y BIG-IQ Cloud y Orchestration 1.0.0 permite a usuarios locales con acceso shell (bash) avanzado obtener privilegios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-7393",
"lastModified": "2024-11-21T02:36:42.707",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.4,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-12T20:59:00.120",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id/1034632"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1034633"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id/1034632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 16:59
Modified
2024-11-21 02:38
Severity ?
Summary
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13753E9F-11AA-41F4-930E-BD9866D03396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D04FC0C-5E44-4DAD-9542-C772EA35916C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment."
},
{
"lang": "es",
"value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller y PEM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF1; BIG-IP AAM 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF1; BIG-IP DNS 12.x en versiones anteriores a 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator y WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IP PSM 11.3.x y 11.4.x en versiones anteriores a 11.4.1 HF10; Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 hasta la versi\u00f3n 4.5.0; BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; y BIG-IQ Cloud and Orchestration 1.0.0 en las plataformas 3900, 6900, 8900, 8950, 11000, 11050, PB100 y PB200, cuando las cookies del sofware SYN est\u00e1n configuradas en servidores virtuales, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue de High-Speed Bridge) a trav\u00e9s de un segmento TCP no v\u00e1lido."
}
],
"id": "CVE-2015-8099",
"lastModified": "2024-11-21T02:38:00.867",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T16:59:05.873",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035873"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035874"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-24 17:59
Modified
2024-11-21 02:53
Severity ?
Summary
The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 allows remote authenticated administrators to obtain sensitive information via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securitytracker.com/id/1036172 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036172 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/ | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 allows remote authenticated administrators to obtain sensitive information via unspecified vectors."
},
{
"lang": "es",
"value": "El servicio iControl REST en F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller y PEM 11.5.x en versiones anteriores a 11.5.4, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP DNS 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP GTM 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IQ Cloud and Security 4.0.0 hasta la versi\u00f3n 4.5.0; BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0 y BIG-IQ Cloud and Orchestration 1.0.0 permite a administradores remotos autenticados obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-5021",
"lastModified": "2024-11-21T02:53:27.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-24T17:59:01.503",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036172"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-02 13:29
Modified
2024-11-21 04:08
Severity ?
Summary
On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (tmsh) access can access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to exfiltrate objects on the file system which should not be allowed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securitytracker.com/id/1040799 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | http://www.securitytracker.com/id/1040800 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K37442533 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040799 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040800 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K37442533 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F3D25A-7050-4A98-B3B5-3539FCC417AE",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48AEF668-8ABE-4A09-B45B-AB30B7A6464B",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC16ED5-2E19-4DC5-8F1D-2197D7CFEEBB",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35519CB7-C6BD-4EBF-A75F-03A5D2B9153C",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CAB3D2D-F589-41AB-A68A-8AFA8760E394",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69B575F8-F179-4648-A6AD-6F1C655A027A",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4049C7FF-FAE6-4377-98F9-7375D180B232",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3C3362F-1251-4E7B-B8CB-BBE7344A915E",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59E3934C-1BAA-4193-923E-33D515F7D9EA",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64CAD197-79F4-41AE-956C-D23DCA556A52",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E33F47-378B-4077-AA3E-6EBED04D3609",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "573D868C-4560-4268-8F0E-4BC6EC5D0B4C",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC26EC47-DB01-45B3-BD47-848B73334A99",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A76187-6118-4A9D-9F7C-0C9D3931BF42",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3331F4E7-A17F-41E2-B3FD-0F212626858D",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAD0B3C-4E3B-48F1-84E1-E92BE40A657F",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE82B01E-278D-40DB-9CD5-D69F863A97CD",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41A8A1C4-E425-40BD-B884-527E7CC62D24",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "586A9AE0-4417-4412-B573-73217F82FF73",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C300F433-99A8-477E-9369-2FEB5DEEE632",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2CDD8C-0D75-4E3B-8E21-BC90C7574534",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2392B92F-B2A5-4548-AB20-3142D5EADE8E",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "528457E0-A8CA-454B-AC01-C55630E2FA49",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "555AC906-C7E8-4E85-8453-498ED7B7205F",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B30938E-E843-4D52-8EFC-19107BCDB1D9",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8AE206C-8F30-4C1A-9823-BAF2052EF065",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3360351A-9D4F-410A-BB15-44C92326ED64",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E91FA1C5-2FC4-49F7-9AF7-A6BD446BFA2E",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91F8E790-6C3C-476D-B403-4F13CEF0BA7A",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBF24E5-6B40-4022-B481-98E4082839A1",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "205B6399-2EA9-44C0-8ED7-06B3EE724AC2",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B22714C9-D539-4E1E-A7FB-6CF3FD4093C4",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1643B722-2B02-4C64-82DD-19788D75BC3F",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF51DAA-0400-4186-BBF3-8784A9C6FE6D",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48B5CC4A-32F1-474A-A89B-A6C7E56513D7",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8105D615-8A59-466A-8369-9AFDAE2AFA61",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB9039C-8ACE-4D9B-B90E-D593512A1E30",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B79FDC9-83A7-4BB9-95C3-678095DA22AA",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5769F2A-FF74-4B40-B25F-B419DBDEECB6",
"versionEndIncluding": "13.1.0",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "559900D6-7E43-4D2F-9167-BDB04DD5D0DB",
"versionEndIncluding": "5.4.0",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:f5_iworkflow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6D095DB-95BC-425B-BA1C-25180CBF5D52",
"versionEndIncluding": "2.3.0",
"versionStartIncluding": "2.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (tmsh) access can access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to exfiltrate objects on the file system which should not be allowed."
},
{
"lang": "es",
"value": "En F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2 o 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 o 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0 o F5 iWorkflow 2.0.2-2.3.0, los usuarios autenticados que tengan acceso TMOS Shell (tmsh) pueden acceder a objetos en el sistema de archivos a los que normalmente no tendr\u00edan acceso por las restricciones de tmsh. Esto permite que atacantes autenticados con bajos privilegios exfiltren objetos en el sistema de archivos, algo que no deber\u00edan poder hacer."
}
],
"id": "CVE-2018-5516",
"lastModified": "2024-11-21T04:08:58.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-02T13:29:00.617",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040799"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040800"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K37442533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040799"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K37442533"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-19 14:29
Modified
2024-11-21 04:09
Severity ?
Summary
On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securityfocus.com/bid/104920 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | http://www.securitytracker.com/id/1041340 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | http://www.securitytracker.com/id/1041341 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K82038789 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104920 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041340 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041341 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K82038789 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B719583F-D2FE-4F29-9FC2-613F979737E6",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A17594BD-C3CF-441F-82E3-FB98A0606845",
"versionEndIncluding": "11.6.3.1",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4592661-3ADE-447E-90E9-8B02B9FFC952",
"versionEndIncluding": "12.1.3.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "332B12F5-543D-450C-AEED-19BECC56CF13",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9F34B4F-BA2F-45D9-B2EB-B9196BD6CDF7",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC942249-E5D9-4CB1-A6D4-40333C20F561",
"versionEndIncluding": "11.6.3.1",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A26916E3-9C93-4BB1-BF28-3D1C6BBA78BE",
"versionEndIncluding": "12.1.3.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2564C2-BD67-4DDE-A122-74F7E6C22318",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "311994A3-8C3E-46C2-A971-7100DFBD82D9",
"versionEndIncluding": "5.1.0",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:f5_iworkflow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "698761C4-9108-4EF9-81C1-4886E09D2211",
"versionEndIncluding": "2.3.0",
"versionStartIncluding": "2.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up."
},
{
"lang": "es",
"value": "En F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1 o 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0 o F5 iWorkflow 2.1.0-2.3.0, el proceso big3d no no minimiza irrevocablemente los privilegios de grupo al arranque."
}
],
"id": "CVE-2018-5540",
"lastModified": "2024-11-21T04:09:01.897",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-19T14:29:00.730",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104920"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041340"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041341"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K82038789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K82038789"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-07 19:28
Modified
2024-11-21 02:53
Severity ?
Summary
F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securitytracker.com/id/1036709 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1036710 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036709 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036710 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:f5_iworkflow:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAC5A3C6-E7E1-4C67-B868-0BFA0CCC5956",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic."
},
{
"lang": "es",
"value": "F5 BIG-IP LTM, Analytics, APM, ASM y Link Controller 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 HF1 y 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP AAM, AFM y PEM 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 HF1 y 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP DNS 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator y WOM 11.2.x en versiones anteriores a 11.2.1 HF16 y 11.3.0; BIG-IP GTM 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2 y 11.6.x en versiones anteriores a 11.6.1 HF1; BIG-IP PSM 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x y 11.4.0 hasta la version 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 hasta la version 4.5.0; BIG-IQ Device 4.2.0 hasta la version 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0 y iWorkflow 2.0.0, cuando Packet Filtering est\u00e1 habilitado en servidores virtuales y posiblemente en direcciones IP autom\u00e1ticas, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de Traffic Management Microkernel) y posiblemente tener otro impacto no especificado a trav\u00e9s de tr\u00e1fico de red manipulado."
}
],
"id": "CVE-2016-5022",
"lastModified": "2024-11-21T02:53:28.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-07T19:28:02.723",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036709"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036710"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-31 14:29
Modified
2024-11-21 03:50
Severity ?
Summary
When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance Mode restrictions to overwrite critical system files. Attackers of high privilege level are able to overwrite critical system files which bypasses security controls in place to limit TMSH commands. This is possible with an administrator or resource administrator roles when granted TMSH. Resource administrator roles must have TMSH access in order to perform this attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | https://support.f5.com/csp/article/K01067037 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K01067037 | Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0740491-CFC6-4D53-A39F-3244710282D0",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F9094D4-087E-45D8-AD7B-A2FA1BF1E2F8",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D746D9C6-28DE-4170-9F08-16C58F160752",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFECB54D-C240-495E-A97B-6694BB992C9D",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88880F08-386C-4BC3-952D-DD1665D8B1EB",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41D7E35D-EAC4-4D00-BB52-19414EEDD286",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8478F27-F451-4C94-9D45-9FCF30B6EB84",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6F24FC1-B549-48F9-AF0E-AB441E5EE4B4",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C47559FB-EC85-4A3A-B967-0BD37934B33D",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40C7F0AE-F55C-42D9-A6EF-1A0D53FFD4DE",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17F63A24-36A9-4C90-B73B-131A5658C4C1",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE608E62-F3E2-405C-8239-760A7C1E1527",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EDF519-7610-4223-BBD7-B75438ACD8B2",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39C62474-8F2E-4394-8B9E-FB06F8CE95C4",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA46825-0425-4C7D-B846-05E6D4081F51",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05456A39-5301-421B-853A-4651E1B13DE8",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C0F266-7321-4BBC-B5C6-8D25DCC1715F",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76F51999-6742-445C-936B-C2873C5F27CB",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A537300-3211-4136-89C7-B99AD4F13B8C",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F921FE3-B481-4552-AE7C-FEE05DB6D301",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28DE49F7-E999-4D3F-8767-A2C3615DF780",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21A5DC79-66A0-4195-9A19-42FD2B5D7941",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "897F4A4D-D2E2-4171-8ECA-7E981034DE16",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F95F43-BF52-423E-9B1A-55D6B7262A57",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC852AA9-7C30-44D8-A964-07DF817A4FF2",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8ABCEA29-0EDF-4D41-BB61-F2C293A5A2E2",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB32AD06-69AF-4289-B854-ED9141E76582",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31C5842B-0261-4CDB-888E-329FF7D73108",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B73F018-4FAD-48B3-9806-FC827787E323",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D11EBE7-741F-4585-962F-99EAA29C1F0E",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55366FD7-D7BA-4D36-AC5D-1B822940842F",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D63E2912-58B9-4541-8E5D-993F73AB74F1",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC818DB1-C85A-47A3-ABE2-0FFCD7AC3E40",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11876D9C-0082-454A-8254-B5FD74E87719",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C050740-2FD3-474D-A09A-C122F031342F",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C21FA11D-0C58-4DF7-85E0-5E8E7B1F14A8",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7193B-3BEF-4920-9893-FF196E785850",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2680D4AD-CCD0-4964-8D8F-CF1FCDA2BEC3",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC80682-E373-4508-A297-EA19BF62BABA",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42E368FA-5A85-428E-B63D-FD027CD46E8E",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5B875A-ACFE-4C98-B6C4-5A6262C09E23",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A00660C1-7A1C-42CF-A829-503DC2EC08E0",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBEBCB3-AF9E-4049-980D-E87B756D6D51",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EC5593-4293-4D2A-A110-25D371F3E281",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED25E87-39BC-4D15-B37A-FCBE97F7D3D2",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49F45207-07ED-4DF8-ABDA-4AD3E9CA26D1",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B885F0E9-8019-4053-AAAA-2C136D55FB71",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6217D65D-B15B-426B-8692-BA461BB57663",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56181224-56D4-43BE-A296-52DF599A2BD5",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D43A55D-E9D4-45A3-8B41-B4B22BE4A536",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D655B3FF-5173-4850-B94C-B864E2115D95",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91F78D2C-DC7C-4B1C-AB44-3CB810240D42",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6355263D-8407-466D-BB71-CB6316EDC668",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9479031-90AA-4C1D-B14C-CDFFBC99CCDE",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "559900D6-7E43-4D2F-9167-BDB04DD5D0DB",
"versionEndIncluding": "5.4.0",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:iworkflow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "592FAA61-E5DE-4619-8B55-3BFE260CEEA8",
"versionEndIncluding": "2.3.0",
"versionStartIncluding": "2.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance Mode restrictions to overwrite critical system files. Attackers of high privilege level are able to overwrite critical system files which bypasses security controls in place to limit TMSH commands. This is possible with an administrator or resource administrator roles when granted TMSH. Resource administrator roles must have TMSH access in order to perform this attack."
},
{
"lang": "es",
"value": "Cuando BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2 o 11.2.1-11.5.6; BIG-IQ Centralized Management 5.0.0-5.4.0 o 4.6.0; BIG-IQ Cloud and Orchestration 1.0.0; iWorkflow 2.1.0-2.3.0 o Enterprise Manager 3.1.1 est\u00e1 licenciado para el modo Appliance, los roles de administrador Admin y Resource pueden omitir las restricciones del modo Appliance de BIG-IP para sobrescribir archivos cr\u00edticos del sistema. Los atacantes con nivel alto de privilegios pueden sobrescribir archivos cr\u00edticos del sistema, lo que omite los controles de seguridad existentes para limitar los comandos TMSH. Esto es posible con roles de administrador o administrador de recursos cuando se otorga TMSH. Los roles de administrador de recursos deben tener acceso TMSH para realizar este ataque."
}
],
"id": "CVE-2018-15321",
"lastModified": "2024-11-21T03:50:33.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-31T14:29:00.470",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K01067037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K01067037"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-07 10:55
Modified
2024-12-19 18:45
Severity ?
Summary
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
References
Impacted products
{
"cisaActionDue": "2023-06-02",
"cisaExploitAdd": "2023-05-12",
"cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.",
"cisaVulnerabilityName": "Linux Kernel Race Condition Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDB0B31-FFF7-471B-9352-29099002BED7",
"versionEndExcluding": "3.2.59",
"versionStartExcluding": "2.6.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "992BFD6A-701C-4412-9220-F6C77B4E64F3",
"versionEndExcluding": "3.4.91",
"versionStartIncluding": "3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "287DC65B-A513-4FB9-A1CF-69F428030DF8",
"versionEndExcluding": "3.10.40",
"versionStartIncluding": "3.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D82F8C94-5FA7-4A7A-8855-ECF21B3BBD42",
"versionEndExcluding": "3.12.20",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9996644C-371E-49B9-A494-733B1EA513EC",
"versionEndExcluding": "3.14.4",
"versionStartIncluding": "3.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:-:*:*:*:*:*:*",
"matchCriteriaId": "2887290A-1B43-4DB9-A9D0-B0B56CD78E48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A2507858-675B-4DA2-A49E-00DB54700CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc4:*:*:*:*:*:*",
"matchCriteriaId": "0A25EA55-3F1C-440C-A383-0BB9556C9508",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B2665356-4EF5-4543-AD15-67FDB851DCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc6:*:*:*:*:*:*",
"matchCriteriaId": "26E7609B-B058-496D-ACDD-7F69FBDE89E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc7:*:*:*:*:*:*",
"matchCriteriaId": "210BF049-8B3C-4ACC-BF8E-2C3551477602",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc8:*:*:*:*:*:*",
"matchCriteriaId": "1837F32C-80D3-4E10-AE5D-E9F5A11A434E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc9:*:*:*:*:*:*",
"matchCriteriaId": "4B4E132B-A69A-4CD1-B4D9-E17C4361A3AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "413CC30E-5FFE-47A4-B38B-80E3A9B13238",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "DD41513F-36F9-459C-A0CB-26C025E63CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "B39F3060-6F9E-4F20-8924-FEF5ED8A30CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
"matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F315708-017C-4362-9C09-6774F89D9370",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A430FFB4-418C-43DA-8E17-020618A77A56",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A0CC74C-6914-4A6F-A1CE-65A695AE31F6",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF30167-0241-4136-82F8-2D2FB545C19A",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54A45725-FECD-4CA9-BFA4-E13FCDFDDF13",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C596B3F-9D93-49D2-99D7-D590CC9AEAA5",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8696A6B-1B56-43B5-A506-21E17735B9CA",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C666A18-9DED-4B49-92DE-474403FC17BF",
"versionEndIncluding": "11.4.1",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B52D60-38DB-4BE9-91F4-B6553F5E5A93",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E3204F-9464-4AC3-819B-D1A6B399FAE3",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO \u0026 !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."
},
{
"lang": "es",
"value": "La funci\u00f3n n_tty_write en drivers/tty/n_tty.c en el kernel de Linux hasta 3.14.3 no maneja debidamente acceso al controlador tty en el caso \u0027LECHO \u0026 !OPOST\u0027, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda de sistema) o ganar privilegios mediante la provocaci\u00f3n de una condici\u00f3n de carrera involucrando operaciones de lectura y escritura con cadenas largas."
}
],
"id": "CVE-2014-0196",
"lastModified": "2024-12-19T18:45:22.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-07T10:55:04.337",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Permissions Required",
"Third Party Advisory"
],
"url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59218"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59262"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59599"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2926"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2928"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/33516"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/106646"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2196-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2197-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2198-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2199-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2200-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2201-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2202-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2203-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2204-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Permissions Required",
"Third Party Advisory"
],
"url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/33516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/106646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2196-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2197-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2198-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2199-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2200-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2201-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2202-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2203-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2204-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-29 15:59
Modified
2024-11-21 02:30
Severity ?
Summary
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F6D424-26B7-4CD2-80B4-96FBA9E2FA5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55C26031-A354-4E19-A1C3-415336B2E7C5",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9AF8FC-B730-428D-B317-86ABEF924299",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A53BE5FB-7405-4952-B3BD-6B0B8213F98A",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2670B3-1A96-4E72-A316-0AF826E8EC8B",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7D64DC-7271-4617-BD46-99C8246779CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69FBB7A9-69E7-4E84-ABBF-3430FA4FB757",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD67D31-7FB8-4A3F-915D-385617E21428",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C4E5F36-434B-48E1-9715-4EEC22FB23D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9970DEE7-9ED1-496F-A5DD-D41A0E13968E",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2620230F-1D8D-423D-953E-9EEF934C56DD",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34D75E7F-B65F-421D-92EE-6B20756019C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1488BC3-CBE9-4944-8573-D7EBE36713B8",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17D2F203-B830-42E5-AE54-17453F72A45D",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCF89E7C-806E-4800-BAA9-0225433B6C56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79157FB3-C12D-4E05-81A3-776381822B2F",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "283155E5-EEAB-4E05-A0E7-B9C5077A5029",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7569977A-E567-4115-B00C-4B0CBA86582E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E90D8985-EDE3-4613-9B4A-E3929D1D3721",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2F72B2-84F2-4FA2-9B53-E98344235EB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A3BBF17-573E-430A-86CB-A9A2A47940E3",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEB08984-6E30-41C0-B283-66D2AAE1E8B7",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72ED4B6A-EC5B-400E-88B7-6C986FC5BC4F",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C4414E-8016-48B5-8CC3-F97FF2D85922",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E859BDBF-D0E7-4621-83F3-4079EEB111BC",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37257612-FAA4-4004-A4D3-4624F06F0615",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42821916-E601-4831-B37B-3202ACF2C562",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96B6E81C-8DCA-4560-ABD7-8FB73FBE3824",
"versionEndIncluding": "11.4.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
"versionEndIncluding": "3.1.1",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests."
},
{
"lang": "es",
"value": "racoon/gssapi.c en IPsec-Tools 0.8.2 permite a atacantes remotos causar una denegaci\u00f3n de servicios (referencia a puntero nulo y ca\u00edda de demonio IKE) a trav\u00e9s de una serie de solicitudes UDP manipuladas."
}
],
"id": "CVE-2015-4047",
"lastModified": "2024-11-21T02:30:21.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-29T15:59:19.030",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/May/81"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/May/83"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3272"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74739"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032397"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2623-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K05013313"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/May/81"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/May/83"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2623-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K05013313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-31 14:29
Modified
2024-11-21 03:50
Severity ?
Summary
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may cause the BIG-IP system to experience denial-of-service (DoS) when the BIG-IP user uses the tmsh utility to run the edit cli preference command and proceeds to save the changes to another filename repeatedly. This action utilises storage space on the /var partition and when performed repeatedly causes the /var partition to be full.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | https://support.f5.com/csp/article/K28003839 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K28003839 | Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0740491-CFC6-4D53-A39F-3244710282D0",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F9094D4-087E-45D8-AD7B-A2FA1BF1E2F8",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D746D9C6-28DE-4170-9F08-16C58F160752",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFECB54D-C240-495E-A97B-6694BB992C9D",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88880F08-386C-4BC3-952D-DD1665D8B1EB",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41D7E35D-EAC4-4D00-BB52-19414EEDD286",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8478F27-F451-4C94-9D45-9FCF30B6EB84",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6F24FC1-B549-48F9-AF0E-AB441E5EE4B4",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C47559FB-EC85-4A3A-B967-0BD37934B33D",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40C7F0AE-F55C-42D9-A6EF-1A0D53FFD4DE",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17F63A24-36A9-4C90-B73B-131A5658C4C1",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE608E62-F3E2-405C-8239-760A7C1E1527",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EDF519-7610-4223-BBD7-B75438ACD8B2",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39C62474-8F2E-4394-8B9E-FB06F8CE95C4",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA46825-0425-4C7D-B846-05E6D4081F51",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05456A39-5301-421B-853A-4651E1B13DE8",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C0F266-7321-4BBC-B5C6-8D25DCC1715F",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76F51999-6742-445C-936B-C2873C5F27CB",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A537300-3211-4136-89C7-B99AD4F13B8C",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F921FE3-B481-4552-AE7C-FEE05DB6D301",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28DE49F7-E999-4D3F-8767-A2C3615DF780",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21A5DC79-66A0-4195-9A19-42FD2B5D7941",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "897F4A4D-D2E2-4171-8ECA-7E981034DE16",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F95F43-BF52-423E-9B1A-55D6B7262A57",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC852AA9-7C30-44D8-A964-07DF817A4FF2",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8ABCEA29-0EDF-4D41-BB61-F2C293A5A2E2",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB32AD06-69AF-4289-B854-ED9141E76582",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31C5842B-0261-4CDB-888E-329FF7D73108",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B73F018-4FAD-48B3-9806-FC827787E323",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D11EBE7-741F-4585-962F-99EAA29C1F0E",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55366FD7-D7BA-4D36-AC5D-1B822940842F",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D63E2912-58B9-4541-8E5D-993F73AB74F1",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC818DB1-C85A-47A3-ABE2-0FFCD7AC3E40",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11876D9C-0082-454A-8254-B5FD74E87719",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C050740-2FD3-474D-A09A-C122F031342F",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C21FA11D-0C58-4DF7-85E0-5E8E7B1F14A8",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7193B-3BEF-4920-9893-FF196E785850",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2680D4AD-CCD0-4964-8D8F-CF1FCDA2BEC3",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC80682-E373-4508-A297-EA19BF62BABA",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42E368FA-5A85-428E-B63D-FD027CD46E8E",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5B875A-ACFE-4C98-B6C4-5A6262C09E23",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A00660C1-7A1C-42CF-A829-503DC2EC08E0",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBEBCB3-AF9E-4049-980D-E87B756D6D51",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EC5593-4293-4D2A-A110-25D371F3E281",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED25E87-39BC-4D15-B37A-FCBE97F7D3D2",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49F45207-07ED-4DF8-ABDA-4AD3E9CA26D1",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B885F0E9-8019-4053-AAAA-2C136D55FB71",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6217D65D-B15B-426B-8692-BA461BB57663",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56181224-56D4-43BE-A296-52DF599A2BD5",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D43A55D-E9D4-45A3-8B41-B4B22BE4A536",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D655B3FF-5173-4850-B94C-B864E2115D95",
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91F78D2C-DC7C-4B1C-AB44-3CB810240D42",
"versionEndIncluding": "11.6.3.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6355263D-8407-466D-BB71-CB6316EDC668",
"versionEndIncluding": "12.1.3.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9479031-90AA-4C1D-B14C-CDFFBC99CCDE",
"versionEndIncluding": "13.1.0.7",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "559900D6-7E43-4D2F-9167-BDB04DD5D0DB",
"versionEndIncluding": "5.4.0",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC93C0F-AA5B-4A2B-B205-26F65BCA6780",
"versionEndIncluding": "6.0.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:iworkflow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "015D8D65-126B-4958-8EE2-291487AD4C9B",
"versionEndIncluding": "2.3.0",
"versionStartIncluding": "2.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may cause the BIG-IP system to experience denial-of-service (DoS) when the BIG-IP user uses the tmsh utility to run the edit cli preference command and proceeds to save the changes to another filename repeatedly. This action utilises storage space on the /var partition and when performed repeatedly causes the /var partition to be full."
},
{
"lang": "es",
"value": "En BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2 o 11.2.1-11.5.6; BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 o 4.6.0; BIG-IQ Cloud and Orchestration 1.0.0; iWorkflow 2.0.1-2.3.0 o Enterprise Manager 3.1.1, un usuario BIG-IP con acceso tmsh podr\u00eda provocar que el sistema BIG-IP experimente una denegaci\u00f3n de servicio (DoS) cuando este usuario emplea la utilidad tmsh para ejecutar el comando de preferencias edit cli y guarda los cambios repetidamente en otro nombre de archivo. Esta acci\u00f3n emplea almacenamiento de la partici\u00f3n /var y, cuando se realiza repetidamente, provoca que la partici\u00f3n /var se llene."
}
],
"id": "CVE-2018-15322",
"lastModified": "2024-11-21T03:50:33.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-31T14:29:00.517",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K28003839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K28003839"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-05-01 15:59
Modified
2024-11-21 03:29
Severity ?
Summary
An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "452C59B8-230D-4FC0-B76D-FA6E381E3713",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:f5_iworkflow:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAC5A3C6-E7E1-4C67-B868-0BFA0CCC5956",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow."
},
{
"lang": "es",
"value": "Un atacante puede ser capaz de causar un ataque de denegaci\u00f3n de servicio (DoS) contra el componente sshd en F5 BIG-IP, Enterprise Manager, BIG-IQ e iWorkflow"
}
],
"id": "CVE-2017-6128",
"lastModified": "2024-11-21T03:29:06.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-01T15:59:00.227",
"references": [
{
"source": "f5sirt@f5.com",
"url": "http://www.securitytracker.com/id/1038362"
},
{
"source": "f5sirt@f5.com",
"url": "http://www.securitytracker.com/id/1038363"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K92140924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K92140924"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-08 01:15
Modified
2024-11-21 02:11
Severity ?
Summary
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p25:*:*:*:*:*:*",
"matchCriteriaId": "FE315238-7191-4A2E-A3C6-2162BE589C78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40267CF4-9AC8-48ED-9DD4-7F947045AE9C",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "699BDE7D-B02D-41A8-BD2C-936B54107616",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17D2F203-B830-42E5-AE54-17453F72A45D",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1331467F-B278-485E-AD91-7D0643C2F3DB",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBAD7C4-AC37-463F-B63C-6EAD5542F2A0",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E695F85-F170-4FD4-819E-7DAF31662BF4",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD67D31-7FB8-4A3F-915D-385617E21428",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E866C4E5-D739-4352-9B6D-9753B4C78A24",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "720A06E3-441B-4D51-8FC0-D569DD7FEB10",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF1C75A-F753-40CB-9E26-DA6D31931DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7CC5A1-6E7B-48BE-9E0A-0D1E51FCEA3D",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2620230F-1D8D-423D-953E-9EEF934C56DD",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42D16634-442B-4674-B11E-6748D28764BD",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713EB3E7-A657-4F6A-901D-618AF660CBBC",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EACA0835-51AD-4AC0-8C87-5564F3A821CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55C26031-A354-4E19-A1C3-415336B2E7C5",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9AF8FC-B730-428D-B317-86ABEF924299",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D91EC11-DD9A-434B-9EB4-14AA0E977D8D",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2833083-97E9-4B3C-8E6B-BCAC1851D148",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C7C45A-CC14-4092-903C-3001986D2859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC01B17-9BC3-425F-8187-5AE7B0AAC227",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD8FE5B-DA42-41F3-AF57-2DB6C0C70661",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "283155E5-EEAB-4E05-A0E7-B9C5077A5029",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E697E4FD-1882-4BF8-9B9F-FB7DFD19497B",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6434ED4F-0BA2-445A-B6E9-D3E301EE3930",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E90D8985-EDE3-4613-9B4A-E3929D1D3721",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "394DF290-9328-4FAD-B04E-61F62B916148",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AEC2164D-11D0-4DCD-B814-6AB185C3BADF",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4AE425-1D86-4DB9-8B8F-74C6678BD528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F8F3686-2C9F-4EB1-973D-FBBC6401744F",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94BB8ADB-C47F-451D-8431-BAE51137C0D8",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1456F84-12B3-462C-A007-262680AA114B",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68FBFE46-BCFB-4337-8990-9E92C5C0647E",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9071FCDD-36CE-49F2-9CB1-4495BF852F5B",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72ED4B6A-EC5B-400E-88B7-6C986FC5BC4F",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68E2840B-96F4-4437-91D1-4AFE99E54D6A",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C950E6-BF12-43D4-9125-AD9D90EDD67A",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC944480-C2AD-4338-871D-02DE26B3E80A",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "534529CB-53EF-4ABB-A220-6B42DB5A69DC",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2670B3-1A96-4E72-A316-0AF826E8EC8B",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B83479FA-82FB-4F71-9B98-E683745DB49E",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D17CC587-3325-4D95-BE63-B948C63B411D",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB6D7D8-2688-48A2-8E3E-341881EF0B4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A75EC568-E2B5-4F4E-AECC-44EA39A7EA21",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37257612-FAA4-4004-A4D3-4624F06F0615",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15F4D416-10F4-4C08-A25D-0795F7FE0FBE",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AD3B4BB-7F5C-4565-9345-2D4895630AAD",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B872A0D5-9B23-40F2-8AAB-253A4F406D18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C31E9AFD-27D1-47C4-A577-20BF6B42A1CA",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "041CE71A-50D1-44E6-B683-CD7F89C51893",
"versionEndIncluding": "11.4.1",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B84923CD-9BC8-4241-82A3-5848333FFEB7",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A35703D-1BE0-459B-BDF0-08FB7C36A17E",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "559900D6-7E43-4D2F-9167-BDB04DD5D0DB",
"versionEndIncluding": "5.4.0",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F37D18F2-8C6A-4557-85DC-2A751595423C",
"versionEndIncluding": "6.1.0",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:iworkflow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD83CC2-44E9-43F2-A9EF-E6A0C9C6E261",
"versionEndIncluding": "2.3.0",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:mobilesafe:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA70E87-466F-4B68-BFA1-C33FCEEE9FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:websafe:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE8D2705-DD84-4F26-94E1-4E6644556A98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en los mensajes privados (modo 6/7) de NTP versi\u00f3n 4.2.7p25 por medio de un mensaje de control GET_RESTRICT, que podr\u00eda permitir a un usuario malicioso obtener informaci\u00f3n confidencial."
}
],
"id": "CVE-2014-5209",
"lastModified": "2024-11-21T02:11:37.840",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-08T01:15:09.547",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
},
{
"source": "cret@cert.org",
"url": "https://support.f5.com/csp/article/K44942017"
},
{
"source": "cret@cert.org",
"url": "https://support.f5.com/csp/article/K44942017"
},
{
"source": "cret@cert.org",
"url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K44942017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K44942017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2018-15321
Vulnerability from cvelistv5
Published
2018-10-31 14:00
Modified
2024-08-05 09:54
Severity ?
EPSS score ?
Summary
When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance Mode restrictions to overwrite critical system files. Attackers of high privilege level are able to overwrite critical system files which bypasses security controls in place to limit TMSH commands. This is possible with an administrator or resource administrator roles when granted TMSH. Resource administrator roles must have TMSH access in order to perform this attack.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K01067037 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | F5 Networks, Inc. | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, iWorkflow, Enterprise Manager |
Version: 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:01.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K01067037"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, iWorkflow, Enterprise Manager",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6"
}
]
}
],
"datePublic": "2018-10-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance Mode restrictions to overwrite critical system files. Attackers of high privilege level are able to overwrite critical system files which bypasses security controls in place to limit TMSH commands. This is possible with an administrator or resource administrator roles when granted TMSH. Resource administrator roles must have TMSH access in order to perform this attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-31T13:57:01",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K01067037"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2018-15321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, iWorkflow, Enterprise Manager",
"version": {
"version_data": [
{
"version_value": "14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6"
}
]
}
}
]
},
"vendor_name": "F5 Networks, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance Mode restrictions to overwrite critical system files. Attackers of high privilege level are able to overwrite critical system files which bypasses security controls in place to limit TMSH commands. This is possible with an administrator or resource administrator roles when granted TMSH. Resource administrator roles must have TMSH access in order to perform this attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K01067037",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K01067037"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2018-15321",
"datePublished": "2018-10-31T14:00:00",
"dateReserved": "2018-08-14T00:00:00",
"dateUpdated": "2024-08-05T09:54:01.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-7393
Vulnerability from cvelistv5
Published
2016-01-12 20:00
Modified
2024-08-06 07:51
Severity ?
EPSS score ?
Summary
dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html | x_refsource_CONFIRM | |
| http://securitytracker.com/id/1034632 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1034633 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:51:27.284Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
},
{
"name": "1034632",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id/1034632"
},
{
"name": "1034633",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034633"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-01-12T19:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
},
{
"name": "1034632",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id/1034632"
},
{
"name": "1034633",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034633"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
},
{
"name": "1034632",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id/1034632"
},
{
"name": "1034633",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034633"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7393",
"datePublished": "2016-01-12T20:00:00",
"dateReserved": "2015-09-29T00:00:00",
"dateUpdated": "2024-08-06T07:51:27.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-8099
Vulnerability from cvelistv5
Published
2016-05-13 16:00
Modified
2024-08-06 08:13
Severity ?
EPSS score ?
Summary
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1035873 | vdb-entry, x_refsource_SECTRACK | |
| https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1035874 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:13:31.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035873",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035873"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
},
{
"name": "1035874",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035874"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-05-13T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1035873",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035873"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
},
{
"name": "1035874",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035874"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8099",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035873",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035873"
},
{
"name": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
},
{
"name": "1035874",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035874"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8099",
"datePublished": "2016-05-13T16:00:00",
"dateReserved": "2015-11-09T00:00:00",
"dateUpdated": "2024-08-06T08:13:31.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-5516
Vulnerability from cvelistv5
Published
2018-05-02 13:00
Modified
2024-09-17 02:41
Severity ?
EPSS score ?
Summary
On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (tmsh) access can access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to exfiltrate objects on the file system which should not be allowed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K37442533 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1040800 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1040799 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | F5 Networks, Inc. | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) |
Version: 13.0.0-13.1.0.5 Version: 12.1.0-12.1.2 Version: 11.2.1-11.6.3.1 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:40:50.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K37442533"
},
{
"name": "1040800",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040800"
},
{
"name": "1040799",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040799"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe)",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "13.0.0-13.1.0.5"
},
{
"status": "affected",
"version": "12.1.0-12.1.2"
},
{
"status": "affected",
"version": "11.2.1-11.6.3.1"
}
]
},
{
"product": "Enterprise Manager",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "BIG-IQ Centralized Management",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "5.0.0-5.4.0"
},
{
"status": "affected",
"version": "4.6.0"
}
]
},
{
"product": "BIG-IQ Cloud and Orchestration",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "1.0.0"
}
]
},
{
"product": "iWorkflow",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "2.0.2-2.3.0"
}
]
}
],
"datePublic": "2018-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (tmsh) access can access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to exfiltrate objects on the file system which should not be allowed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-03T09:57:01",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K37442533"
},
{
"name": "1040800",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040800"
},
{
"name": "1040799",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040799"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"DATE_PUBLIC": "2018-04-30T00:00:00",
"ID": "CVE-2018-5516",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe)",
"version": {
"version_data": [
{
"version_value": "13.0.0-13.1.0.5"
},
{
"version_value": "12.1.0-12.1.2"
},
{
"version_value": "11.2.1-11.6.3.1"
}
]
}
},
{
"product_name": "Enterprise Manager",
"version": {
"version_data": [
{
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "BIG-IQ Centralized Management",
"version": {
"version_data": [
{
"version_value": "5.0.0-5.4.0"
},
{
"version_value": "4.6.0"
}
]
}
},
{
"product_name": "BIG-IQ Cloud and Orchestration",
"version": {
"version_data": [
{
"version_value": "1.0.0"
}
]
}
},
{
"product_name": "iWorkflow",
"version": {
"version_data": [
{
"version_value": "2.0.2-2.3.0"
}
]
}
}
]
},
"vendor_name": "F5 Networks, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (tmsh) access can access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to exfiltrate objects on the file system which should not be allowed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K37442533",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K37442533"
},
{
"name": "1040800",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040800"
},
{
"name": "1040799",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040799"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2018-5516",
"datePublished": "2018-05-02T13:00:00Z",
"dateReserved": "2018-01-12T00:00:00",
"dateUpdated": "2024-09-17T02:41:51.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4047
Vulnerability from cvelistv5
Published
2015-05-29 15:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3272",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3272"
},
{
"name": "20150520 Re: 0-day Denial of Service in IPsec-Tools",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/May/83"
},
{
"name": "FEDORA-2015-8968",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
},
{
"name": "20150519 0-day Denial of Service in IPsec-Tools",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/May/81"
},
{
"name": "FEDORA-2015-8948",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
},
{
"name": "1032397",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032397"
},
{
"name": "[oss-security] 20150519 CVE Request: ipsec-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
},
{
"name": "74739",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74739"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
},
{
"name": "USN-2623-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2623-1"
},
{
"name": "[oss-security] 20150521 Re: CVE Request: ipsec-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K05013313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T14:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3272",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3272"
},
{
"name": "20150520 Re: 0-day Denial of Service in IPsec-Tools",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/May/83"
},
{
"name": "FEDORA-2015-8968",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
},
{
"name": "20150519 0-day Denial of Service in IPsec-Tools",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/May/81"
},
{
"name": "FEDORA-2015-8948",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
},
{
"name": "1032397",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032397"
},
{
"name": "[oss-security] 20150519 CVE Request: ipsec-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
},
{
"name": "74739",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74739"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
},
{
"name": "USN-2623-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2623-1"
},
{
"name": "[oss-security] 20150521 Re: CVE Request: ipsec-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K05013313"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4047",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3272",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3272"
},
{
"name": "20150520 Re: 0-day Denial of Service in IPsec-Tools",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/May/83"
},
{
"name": "FEDORA-2015-8968",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
},
{
"name": "20150519 0-day Denial of Service in IPsec-Tools",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/May/81"
},
{
"name": "FEDORA-2015-8948",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
},
{
"name": "https://www.altsci.com/ipsec/ipsec-tools-sa.html",
"refsource": "MISC",
"url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
},
{
"name": "1032397",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032397"
},
{
"name": "[oss-security] 20150519 CVE Request: ipsec-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
},
{
"name": "74739",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74739"
},
{
"name": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
},
{
"name": "USN-2623-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2623-1"
},
{
"name": "[oss-security] 20150521 Re: CVE Request: ipsec-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
},
{
"name": "https://support.f5.com/csp/article/K05013313",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K05013313"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4047",
"datePublished": "2015-05-29T15:00:00",
"dateReserved": "2015-05-20T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-5540
Vulnerability from cvelistv5
Published
2018-07-19 14:00
Modified
2024-09-17 00:36
Severity ?
EPSS score ?
Summary
On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1041340 | vdb-entry, x_refsource_SECTRACK | |
| https://support.f5.com/csp/article/K82038789 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104920 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1041341 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | F5 Networks, Inc. | BIG-IP (DNS, GTM) |
Version: 13.0.0-13.0.1 Version: 12.1.0-12.1.3.3 Version: 11.6.0-11.6.3.1 Version: 11.5.1-11.5.6 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:40:50.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041340",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041340"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K82038789"
},
{
"name": "104920",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104920"
},
{
"name": "1041341",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP (DNS, GTM)",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "13.0.0-13.0.1"
},
{
"status": "affected",
"version": "12.1.0-12.1.3.3"
},
{
"status": "affected",
"version": "11.6.0-11.6.3.1"
},
{
"status": "affected",
"version": "11.5.1-11.5.6"
}
]
},
{
"product": "Enterprise Manager",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "BIG-IQ Centralized Management",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "5.0.0-5.1.0"
}
]
},
{
"product": "BIG-IQ Cloud and Orchestration",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "1.0.0"
}
]
},
{
"product": "F5 iWorkflow",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "2.1.0-2.3.0"
}
]
}
],
"datePublic": "2018-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-31T09:57:01",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"name": "1041340",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041340"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K82038789"
},
{
"name": "104920",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104920"
},
{
"name": "1041341",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"DATE_PUBLIC": "2018-07-18T00:00:00",
"ID": "CVE-2018-5540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP (DNS, GTM)",
"version": {
"version_data": [
{
"version_value": "13.0.0-13.0.1"
},
{
"version_value": "12.1.0-12.1.3.3"
},
{
"version_value": "11.6.0-11.6.3.1"
},
{
"version_value": "11.5.1-11.5.6"
}
]
}
},
{
"product_name": "Enterprise Manager",
"version": {
"version_data": [
{
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "BIG-IQ Centralized Management",
"version": {
"version_data": [
{
"version_value": "5.0.0-5.1.0"
}
]
}
},
{
"product_name": "BIG-IQ Cloud and Orchestration",
"version": {
"version_data": [
{
"version_value": "1.0.0"
}
]
}
},
{
"product_name": "F5 iWorkflow",
"version": {
"version_data": [
{
"version_value": "2.1.0-2.3.0"
}
]
}
}
]
},
"vendor_name": "F5 Networks, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041340",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041340"
},
{
"name": "https://support.f5.com/csp/article/K82038789",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K82038789"
},
{
"name": "104920",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104920"
},
{
"name": "1041341",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2018-5540",
"datePublished": "2018-07-19T14:00:00Z",
"dateReserved": "2018-01-12T00:00:00",
"dateUpdated": "2024-09-17T00:36:23.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-5209
Vulnerability from cvelistv5
Published
2020-01-08 00:29
Modified
2024-08-06 11:41
Severity ?
EPSS score ?
Summary
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K44942017 | x_refsource_CONFIRM | |
| https://support.f5.com/csp/article/K44942017?utm_source=f5support&%3Butm_medium=RSS | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/95841 | x_refsource_MISC | |
| https://support.f5.com/csp/article/K44942017 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:47.478Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K44942017"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K44942017"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NTP",
"vendor": "NTP",
"versions": [
{
"status": "affected",
"version": "4.2.7p25"
}
]
}
],
"datePublic": "2014-08-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-08T00:31:11",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K44942017"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.f5.com/csp/article/K44942017"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NTP",
"version": {
"version_data": [
{
"version_value": "4.2.7p25"
}
]
}
}
]
},
"vendor_name": "NTP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K44942017",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K44942017"
},
{
"name": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp;utm_medium=RSS",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp;utm_medium=RSS"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
},
{
"name": "https://support.f5.com/csp/article/K44942017",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K44942017"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-5209",
"datePublished": "2020-01-08T00:29:42",
"dateReserved": "2014-08-13T00:00:00",
"dateUpdated": "2024-08-06T11:41:47.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-0196
Vulnerability from cvelistv5
Published
2014-05-07 10:00
Modified
2024-08-06 09:05
Severity ?
EPSS score ?
Summary
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:05:39.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2203-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2203-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
},
{
"name": "106646",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/106646"
},
{
"name": "SUSE-SU-2014:0683",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
},
{
"name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
},
{
"name": "59262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59262"
},
{
"name": "USN-2204-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2204-1"
},
{
"name": "59218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59218"
},
{
"name": "USN-2202-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2202-1"
},
{
"name": "33516",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/33516"
},
{
"name": "DSA-2928",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2928"
},
{
"name": "USN-2199-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2199-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
},
{
"name": "USN-2197-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2197-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
},
{
"name": "RHSA-2014:0512",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
},
{
"name": "59599",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59599"
},
{
"name": "DSA-2926",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2926"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"name": "SUSE-SU-2014:0667",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
},
{
"name": "USN-2198-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2198-1"
},
{
"name": "USN-2200-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2200-1"
},
{
"name": "USN-2201-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2201-1"
},
{
"name": "USN-2196-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2196-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO \u0026 !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-05T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-2203-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2203-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
},
{
"name": "106646",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/106646"
},
{
"name": "SUSE-SU-2014:0683",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
},
{
"name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
},
{
"name": "59262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59262"
},
{
"name": "USN-2204-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2204-1"
},
{
"name": "59218",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59218"
},
{
"name": "USN-2202-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2202-1"
},
{
"name": "33516",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/33516"
},
{
"name": "DSA-2928",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2928"
},
{
"name": "USN-2199-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2199-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
},
{
"name": "USN-2197-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2197-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
},
{
"name": "RHSA-2014:0512",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
},
{
"name": "59599",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59599"
},
{
"name": "DSA-2926",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2926"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"name": "SUSE-SU-2014:0667",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
},
{
"name": "USN-2198-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2198-1"
},
{
"name": "USN-2200-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2200-1"
},
{
"name": "USN-2201-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2201-1"
},
{
"name": "USN-2196-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2196-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-0196",
"datePublished": "2014-05-07T10:00:00",
"dateReserved": "2013-12-03T00:00:00",
"dateUpdated": "2024-08-06T09:05:39.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6128
Vulnerability from cvelistv5
Published
2017-05-01 15:00
Modified
2024-08-05 15:18
Severity ?
EPSS score ?
Summary
An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1038363 | vdb-entry, x_refsource_SECTRACK | |
| https://support.f5.com/csp/article/K92140924 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038362 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WebSafe |
Version: varies depending on product - see https://support.f5.com/csp/article/K92140924 for table |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:49.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038363"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K92140924"
},
{
"name": "1038362",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038362"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WebSafe",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
}
]
},
{
"product": "Enterprise Manager",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
}
]
},
{
"product": "BIG-IQ Cloud, Device, Security, ADC, Centralized Management, Cloud and Orchestration",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
}
]
},
{
"product": "iWorkflow",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
}
]
}
],
"datePublic": "2017-04-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "sshd is vulnerable to DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"name": "1038363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038363"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K92140924"
},
{
"name": "1038362",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038362"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2017-6128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WebSafe",
"version": {
"version_data": [
{
"version_value": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
}
]
}
},
{
"product_name": "Enterprise Manager",
"version": {
"version_data": [
{
"version_value": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
}
]
}
},
{
"product_name": "BIG-IQ Cloud, Device, Security, ADC, Centralized Management, Cloud and Orchestration",
"version": {
"version_data": [
{
"version_value": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
}
]
}
},
{
"product_name": "iWorkflow",
"version": {
"version_data": [
{
"version_value": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
}
]
}
}
]
},
"vendor_name": "F5 Networks, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "sshd is vulnerable to DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038363"
},
{
"name": "https://support.f5.com/csp/article/K92140924",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K92140924"
},
{
"name": "1038362",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038362"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2017-6128",
"datePublished": "2017-05-01T15:00:00",
"dateReserved": "2017-02-21T00:00:00",
"dateUpdated": "2024-08-05T15:18:49.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5022
Vulnerability from cvelistv5
Published
2016-09-07 19:00
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036710 | vdb-entry, x_refsource_SECTRACK | |
| https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036709 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036710",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036710"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
},
{
"name": "1036709",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036709"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-09-07T18:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1036710",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036710"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
},
{
"name": "1036709",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036709"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036710",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036710"
},
{
"name": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
},
{
"name": "1036709",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036709"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5022",
"datePublished": "2016-09-07T19:00:00",
"dateReserved": "2016-05-24T00:00:00",
"dateUpdated": "2024-08-06T00:46:40.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-15322
Vulnerability from cvelistv5
Published
2018-10-31 14:00
Modified
2024-08-05 09:54
Severity ?
EPSS score ?
Summary
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may cause the BIG-IP system to experience denial-of-service (DoS) when the BIG-IP user uses the tmsh utility to run the edit cli preference command and proceeds to save the changes to another filename repeatedly. This action utilises storage space on the /var partition and when performed repeatedly causes the /var partition to be full.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K28003839 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | F5 Networks, Inc. | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe), BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, iWorkflow, Enterprise Manager |
Version: 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:01.869Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K28003839"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe), BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, iWorkflow, Enterprise Manager",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6"
}
]
}
],
"datePublic": "2018-10-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may cause the BIG-IP system to experience denial-of-service (DoS) when the BIG-IP user uses the tmsh utility to run the edit cli preference command and proceeds to save the changes to another filename repeatedly. This action utilises storage space on the /var partition and when performed repeatedly causes the /var partition to be full."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-31T13:57:01",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K28003839"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2018-15322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe), BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, iWorkflow, Enterprise Manager",
"version": {
"version_data": [
{
"version_value": "14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6"
}
]
}
}
]
},
"vendor_name": "F5 Networks, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may cause the BIG-IP system to experience denial-of-service (DoS) when the BIG-IP user uses the tmsh utility to run the edit cli preference command and proceeds to save the changes to another filename repeatedly. This action utilises storage space on the /var partition and when performed repeatedly causes the /var partition to be full."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K28003839",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K28003839"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2018-15322",
"datePublished": "2018-10-31T14:00:00",
"dateReserved": "2018-08-14T00:00:00",
"dateUpdated": "2024-08-05T09:54:01.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5021
Vulnerability from cvelistv5
Published
2016-06-24 17:00
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 allows remote authenticated administrators to obtain sensitive information via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/ | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036172 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.222Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/"
},
{
"name": "1036172",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036172"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 allows remote authenticated administrators to obtain sensitive information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-07-22T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/"
},
{
"name": "1036172",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036172"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 allows remote authenticated administrators to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/"
},
{
"name": "1036172",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036172"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5021",
"datePublished": "2016-06-24T17:00:00",
"dateReserved": "2016-05-24T00:00:00",
"dateUpdated": "2024-08-06T00:46:40.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}