cnvd - cnvd-2018-10103

CNVD-2018-10103

Vulnerability from cnvd - Published: 2018-05-23

Title

多款F5产品TMOS Shell信息泄露漏洞

Description

F5 BIG-IP LTM等都是美国F5公司的产品。F5 BIG-IP LTM是一款本地流量管理器；BIG-IP AAM是一款应用程序加速管理器。TMOS Shell（tmsh）是其中的一个命令行工具。多款F5产品中的TMOS Shell存在安全漏洞。攻击者可利用该漏洞获取文件系统上的对象。

Severity

中

Patch Name

多款F5产品TMOS Shell信息泄露漏洞的补丁

Patch Description

F5 BIG-IP LTM等都是美国F5公司的产品。F5 BIG-IP LTM是一款本地流量管理器；BIG-IP AAM是一款应用程序加速管理器。TMOS Shell（tmsh）是其中的一个命令行工具。多款F5产品中的TMOS Shell存在安全漏洞。攻击者可利用该漏洞获取文件系统上的对象。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://support.f5.com/csp/article/K37442533

Reference

https://securitytracker.com/id/1040800 https://nvd.nist.gov/vuln/detail/CVE-2018-5516

Impacted products

Name
['F5 BIG-IQ Centralized Management 4.6.0', 'F5 BIG-IQ Cloud and Orchestration 1.0.0', 'F5 Enterprise Manager 3.1.1', 'F5 BIG-IP LTM >=12.1.0，<=12.1.2', 'F5 BIG-IP AAM >=12.1.0，<=12.1.2', 'F5 BIG-IP AFM >=12.1.0，<=12.1.2', 'F5 BIG-IP APM >=12.1.0，<=12.1.2', 'F5 BIG-IP ASM >=12.1.0，<=12.1.2', 'F5 BIG-IP Link Controller >=12.1.0，<=12.1.2', 'F5 BIG-IP PEM >=12.1.0，<=12.1.2', 'F5 BIG-IP WebSafe >=12.1.0，<=12.1.2', 'F5 BIG-IP LTM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP AAM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP AFM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP Analytics >=13.0.0，<=13.1.0.5', 'F5 BIG-IP APM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP ASM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP DNS >=13.0.0，<=13.1.0.5', 'F5 BIG-IP Edge Gateway >=13.0.0，<=13.1.0.5', 'F5 BIG-IP GTM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP Link Controller >=13.0.0，<=13.1.0.5', 'F5 BIG-IP PEM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP WebAccelerator >=13.0.0，<=13.1.0.5', 'F5 BIG-IP LTM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP AAM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP AFM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP Analytics >=11.2.1，<=11.6.3.1', 'F5 BIG-IP APM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP ASM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP DNS >=11.2.1，<=11.6.3.1', 'F5 BIG-IP Edge Gateway >=11.2.1，<=11.6.3.1', 'F5 BIG-IP GTM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP Link Controller >=11.2.1，<=11.6.3.1', 'F5 BIG-IP PEM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP WebAccelerator >=11.2.1，<=11.6.3.1', 'F5 BIG-IP WebSafe >=11.2.1，<=11.6.3.1', 'F5 BIG-IQ Centralized Management >=5.0.0，<=5.4.0', 'F5 iWorkflow >=2.0.2，<=2.3.0']

Name

['F5 BIG-IQ Centralized Management 4.6.0', 'F5 BIG-IQ Cloud and Orchestration 1.0.0', 'F5 Enterprise Manager 3.1.1', 'F5 BIG-IP LTM >=12.1.0，<=12.1.2', 'F5 BIG-IP AAM >=12.1.0，<=12.1.2', 'F5 BIG-IP AFM >=12.1.0，<=12.1.2', 'F5 BIG-IP APM >=12.1.0，<=12.1.2', 'F5 BIG-IP ASM >=12.1.0，<=12.1.2', 'F5 BIG-IP Link Controller >=12.1.0，<=12.1.2', 'F5 BIG-IP PEM >=12.1.0，<=12.1.2', 'F5 BIG-IP WebSafe >=12.1.0，<=12.1.2', 'F5 BIG-IP LTM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP AAM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP AFM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP Analytics >=13.0.0，<=13.1.0.5', 'F5 BIG-IP APM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP ASM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP DNS >=13.0.0，<=13.1.0.5', 'F5 BIG-IP Edge Gateway >=13.0.0，<=13.1.0.5', 'F5 BIG-IP GTM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP Link Controller >=13.0.0，<=13.1.0.5', 'F5 BIG-IP PEM >=13.0.0，<=13.1.0.5', 'F5 BIG-IP WebAccelerator >=13.0.0，<=13.1.0.5', 'F5 BIG-IP LTM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP AAM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP AFM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP Analytics >=11.2.1，<=11.6.3.1', 'F5 BIG-IP APM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP ASM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP DNS >=11.2.1，<=11.6.3.1', 'F5 BIG-IP Edge Gateway >=11.2.1，<=11.6.3.1', 'F5 BIG-IP GTM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP Link Controller >=11.2.1，<=11.6.3.1', 'F5 BIG-IP PEM >=11.2.1，<=11.6.3.1', 'F5 BIG-IP WebAccelerator >=11.2.1，<=11.6.3.1', 'F5 BIG-IP WebSafe >=11.2.1，<=11.6.3.1', 'F5 BIG-IQ Centralized Management >=5.0.0，<=5.4.0', 'F5 iWorkflow >=2.0.2，<=2.3.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-5516"
    }
  },
  "description": "F5 BIG-IP LTM\u7b49\u90fd\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4ea7\u54c1\u3002F5 BIG-IP LTM\u662f\u4e00\u6b3e\u672c\u5730\u6d41\u91cf\u7ba1\u7406\u5668\uff1bBIG-IP AAM\u662f\u4e00\u6b3e\u5e94\u7528\u7a0b\u5e8f\u52a0\u901f\u7ba1\u7406\u5668\u3002TMOS Shell\uff08tmsh\uff09\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u547d\u4ee4\u884c\u5de5\u5177\u3002\r\n\r\n\u591a\u6b3eF5\u4ea7\u54c1\u4e2d\u7684TMOS Shell\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6587\u4ef6\u7cfb\u7edf\u4e0a\u7684\u5bf9\u8c61\u3002",
  "discovererName": "F5",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.f5.com/csp/article/K37442533",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-10103",
  "openTime": "2018-05-23",
  "patchDescription": "F5 BIG-IP LTM\u7b49\u90fd\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4ea7\u54c1\u3002F5 BIG-IP LTM\u662f\u4e00\u6b3e\u672c\u5730\u6d41\u91cf\u7ba1\u7406\u5668\uff1bBIG-IP AAM\u662f\u4e00\u6b3e\u5e94\u7528\u7a0b\u5e8f\u52a0\u901f\u7ba1\u7406\u5668\u3002TMOS Shell\uff08tmsh\uff09\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u547d\u4ee4\u884c\u5de5\u5177\u3002\r\n\r\n\u591a\u6b3eF5\u4ea7\u54c1\u4e2d\u7684TMOS Shell\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6587\u4ef6\u7cfb\u7edf\u4e0a\u7684\u5bf9\u8c61\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eF5\u4ea7\u54c1TMOS Shell\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "F5 BIG-IQ Centralized Management  4.6.0",
      "F5 BIG-IQ Cloud and Orchestration 1.0.0",
      "F5 Enterprise Manager 3.1.1",
      "F5 BIG-IP LTM \u003e=12.1.0\uff0c\u003c=12.1.2",
      "F5 BIG-IP AAM \u003e=12.1.0\uff0c\u003c=12.1.2",
      "F5 BIG-IP AFM \u003e=12.1.0\uff0c\u003c=12.1.2",
      "F5 BIG-IP APM \u003e=12.1.0\uff0c\u003c=12.1.2",
      "F5 BIG-IP ASM \u003e=12.1.0\uff0c\u003c=12.1.2",
      "F5 BIG-IP Link Controller \u003e=12.1.0\uff0c\u003c=12.1.2",
      "F5 BIG-IP PEM \u003e=12.1.0\uff0c\u003c=12.1.2",
      "F5 BIG-IP WebSafe \u003e=12.1.0\uff0c\u003c=12.1.2",
      "F5 BIG-IP LTM \u003e=13.0.0\uff0c\u003c=13.1.0.5",
      "F5 BIG-IP AAM \u003e=13.0.0\uff0c\u003c=13.1.0.5",
      "F5 BIG-IP AFM \u003e=13.0.0\uff0c\u003c=13.1.0.5",
      "F5 BIG-IP Analytics \u003e=13.0.0\uff0c\u003c=13.1.0.5",
      "F5 BIG-IP APM \u003e=13.0.0\uff0c\u003c=13.1.0.5",
      "F5 BIG-IP ASM \u003e=13.0.0\uff0c\u003c=13.1.0.5",
      "F5 BIG-IP DNS \u003e=13.0.0\uff0c\u003c=13.1.0.5",
      "F5 BIG-IP Edge Gateway \u003e=13.0.0\uff0c\u003c=13.1.0.5",
      "F5 BIG-IP GTM \u003e=13.0.0\uff0c\u003c=13.1.0.5",
      "F5 BIG-IP Link Controller \u003e=13.0.0\uff0c\u003c=13.1.0.5",
      "F5 BIG-IP PEM \u003e=13.0.0\uff0c\u003c=13.1.0.5",
      "F5 BIG-IP WebAccelerator \u003e=13.0.0\uff0c\u003c=13.1.0.5",
      "F5 BIG-IP LTM \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IP AAM \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IP AFM \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IP Analytics \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IP APM \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IP ASM \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IP DNS \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IP Edge Gateway \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IP GTM \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IP Link Controller \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IP PEM \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IP WebAccelerator \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IP WebSafe \u003e=11.2.1\uff0c\u003c=11.6.3.1",
      "F5 BIG-IQ Centralized Management  \u003e=5.0.0\uff0c\u003c=5.4.0",
      "F5 iWorkflow \u003e=2.0.2\uff0c\u003c=2.3.0"
    ]
  },
  "referenceLink": "https://securitytracker.com/id/1040800\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-5516",
  "serverity": "\u4e2d",
  "submitTime": "2018-05-02",
  "title": "\u591a\u6b3eF5\u4ea7\u54c1TMOS Shell\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2018-5516 (GCVE-0-2018-5516)

Vulnerability from cvelistv5 – Published: 2018-05-02 13:00 – Updated: 2024-09-17 02:41

Summary

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (tmsh) access can access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to exfiltrate objects on the file system which should not be allowed.

Severity ?

No CVSS data available.

CWE

Privilege escalation

Assigner

References

URL

Tags

	https://support.f5.com/csp/article/K37442533	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1040800	vdb-entryx_refsource_SECTRACK
	http://www.securitytracker.com/id/1040799	vdb-entryx_refsource_SECTRACK

Impacted products

Vendor

Product

Version

F5 Networks, Inc.

BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe)

Affected: 13.0.0-13.1.0.5
Affected: 12.1.0-12.1.2
Affected: 11.2.1-11.6.3.1

F5 Networks, Inc.	Enterprise Manager	Affected: 3.1.1
F5 Networks, Inc.	BIG-IQ Centralized Management	Affected: 5.0.0-5.4.0 Affected: 4.6.0
F5 Networks, Inc.	BIG-IQ Cloud and Orchestration	Affected: 1.0.0
F5 Networks, Inc.	iWorkflow	Affected: 2.0.2-2.3.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:40:50.596Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K37442533"
          },
          {
            "name": "1040800",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040800"
          },
          {
            "name": "1040799",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040799"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe)",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "13.0.0-13.1.0.5"
            },
            {
              "status": "affected",
              "version": "12.1.0-12.1.2"
            },
            {
              "status": "affected",
              "version": "11.2.1-11.6.3.1"
            }
          ]
        },
        {
          "product": "Enterprise Manager",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "3.1.1"
            }
          ]
        },
        {
          "product": "BIG-IQ Centralized Management",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0-5.4.0"
            },
            {
              "status": "affected",
              "version": "4.6.0"
            }
          ]
        },
        {
          "product": "BIG-IQ Cloud and Orchestration",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "1.0.0"
            }
          ]
        },
        {
          "product": "iWorkflow",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "2.0.2-2.3.0"
            }
          ]
        }
      ],
      "datePublic": "2018-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (tmsh) access can access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to exfiltrate objects on the file system which should not be allowed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Privilege escalation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-03T09:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K37442533"
        },
        {
          "name": "1040800",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040800"
        },
        {
          "name": "1040799",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040799"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "DATE_PUBLIC": "2018-04-30T00:00:00",
          "ID": "CVE-2018-5516",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "13.0.0-13.1.0.5"
                          },
                          {
                            "version_value": "12.1.0-12.1.2"
                          },
                          {
                            "version_value": "11.2.1-11.6.3.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Enterprise Manager",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "3.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "BIG-IQ Centralized Management",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "5.0.0-5.4.0"
                          },
                          {
                            "version_value": "4.6.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "BIG-IQ Cloud and Orchestration",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.0.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "iWorkflow",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2.0.2-2.3.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (tmsh) access can access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to exfiltrate objects on the file system which should not be allowed."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Privilege escalation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K37442533",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K37442533"
            },
            {
              "name": "1040800",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040800"
            },
            {
              "name": "1040799",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040799"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2018-5516",
    "datePublished": "2018-05-02T13:00:00Z",
    "dateReserved": "2018-01-12T00:00:00",
    "dateUpdated": "2024-09-17T02:41:51.080Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-10103

CVE-2018-5516 (GCVE-0-2018-5516)

Tags

Sightings

Nomenclature