cnvd - cnvd-2019-22837

CNVD-2019-22837

Vulnerability from cnvd - Published: 2019-07-17

Title

多款F5产品安全绕过漏洞

Description

F5 BIG-IP APM等都是美国F5公司的产品。F5 BIG-IP APM是一套访问和安全解决方案。F5 BIG-IP是一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。F5 BIG-IP Edge Gateway是一套远程接入解决方案。多款F5产品中存在安全漏洞。攻击者可利用该漏洞绕过Advanced Shell直接访问保护。

Severity

高

Formal description

目前厂商暂未发布修复措施解决此安全问题，建议使用此软件的用户随时关注厂商主页或参考网址以获取解决办法： https://www.f5.com

Reference

https://support.f5.com/csp/article/K40378764

Impacted products

Name
['F5 BIG-IP', 'F5 BIG-IP APM', 'F5 BIG-IP Edge Gateway']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-6642"
    }
  },
  "description": "F5 BIG-IP APM\u7b49\u90fd\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4ea7\u54c1\u3002F5 BIG-IP APM\u662f\u4e00\u5957\u8bbf\u95ee\u548c\u5b89\u5168\u89e3\u51b3\u65b9\u6848\u3002F5 BIG-IP\u662f\u4e00\u6b3e\u96c6\u6210\u4e86\u7f51\u7edc\u6d41\u91cf\u7ba1\u7406\u3001\u5e94\u7528\u7a0b\u5e8f\u5b89\u5168\u7ba1\u7406\u3001\u8d1f\u8f7d\u5747\u8861\u7b49\u529f\u80fd\u7684\u5e94\u7528\u4ea4\u4ed8\u5e73\u53f0\u3002F5 BIG-IP Edge Gateway\u662f\u4e00\u5957\u8fdc\u7a0b\u63a5\u5165\u89e3\u51b3\u65b9\u6848\u3002\n\n\u591a\u6b3eF5\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7Advanced Shell\u76f4\u63a5\u8bbf\u95ee\u4fdd\u62a4\u3002",
  "discovererName": "unknwon",
  "formalWay": "\u76ee\u524d\u5382\u5546\u6682\u672a\u53d1\u5e03\u4fee\u590d\u63aa\u65bd\u89e3\u51b3\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u5efa\u8bae\u4f7f\u7528\u6b64\u8f6f\u4ef6\u7684\u7528\u6237\u968f\u65f6\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u6216\u53c2\u8003\u7f51\u5740\u4ee5\u83b7\u53d6\u89e3\u51b3\u529e\u6cd5\uff1a\r\nhttps://www.f5.com",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-22837",
  "openTime": "2019-07-17",
  "products": {
    "product": [
      "F5 BIG-IP",
      "F5 BIG-IP APM",
      "F5 BIG-IP Edge Gateway"
    ]
  },
  "referenceLink": "https://support.f5.com/csp/article/K40378764",
  "serverity": "\u9ad8",
  "submitTime": "2019-06-28",
  "title": "\u591a\u6b3eF5\u4ea7\u54c1\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2019-6642 (GCVE-0-2019-6642)

Vulnerability from cvelistv5 – Published: 2019-07-01 20:21 – Updated: 2024-08-04 20:23

Summary

In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files (via scp, for example) can escalate their privileges to allow root shell access from within the TMOS Shell (tmsh) interface. The tmsh interface allows users to execute a secondary program via tools like sftp or scp.

Severity ?

No CVSS data available.

CWE

Privilege Escalation

Assigner

References

URL

Tags

	https://support.f5.com/csp/article/K40378764	x_refsource_CONFIRM
	https://support.f5.com/csp/article/K40378764?utm_…	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	F5	BIG-IP, BIG-IQ, iWorkflow, Enterprise Manager	Affected: BIG-IP 15.0.0 Affected: 14.0.0-14.1.0.5 Affected: 13.0.0-13.1.1.5 Affected: 12.1.0-12.1.4.2 Affected: 11.5.2-11.6.4 Affected: BIG-IQ 6.0.0-6.1.0 Affected: 5.1.0-5.4.0 Affected: iWorkflow 2.3.0 Affected: Enterprise Manager 3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.538Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K40378764"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K40378764?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP, BIG-IQ, iWorkflow, Enterprise Manager",
          "vendor": "F5",
          "versions": [
            {
              "status": "affected",
              "version": "BIG-IP 15.0.0"
            },
            {
              "status": "affected",
              "version": "14.0.0-14.1.0.5"
            },
            {
              "status": "affected",
              "version": "13.0.0-13.1.1.5"
            },
            {
              "status": "affected",
              "version": "12.1.0-12.1.4.2"
            },
            {
              "status": "affected",
              "version": "11.5.2-11.6.4"
            },
            {
              "status": "affected",
              "version": "BIG-IQ 6.0.0-6.1.0"
            },
            {
              "status": "affected",
              "version": "5.1.0-5.4.0"
            },
            {
              "status": "affected",
              "version": "iWorkflow 2.3.0"
            },
            {
              "status": "affected",
              "version": "Enterprise Manager 3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files (via scp, for example) can escalate their privileges to allow root shell access from within the TMOS Shell (tmsh) interface. The tmsh interface allows users to execute a secondary program via tools like sftp or scp."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Privilege Escalation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-09T19:06:40",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K40378764"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K40378764?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2019-6642",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP, BIG-IQ, iWorkflow, Enterprise Manager",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "BIG-IP 15.0.0"
                          },
                          {
                            "version_value": "14.0.0-14.1.0.5"
                          },
                          {
                            "version_value": "13.0.0-13.1.1.5"
                          },
                          {
                            "version_value": "12.1.0-12.1.4.2"
                          },
                          {
                            "version_value": "11.5.2-11.6.4"
                          },
                          {
                            "version_value": "BIG-IQ 6.0.0-6.1.0"
                          },
                          {
                            "version_value": "5.1.0-5.4.0"
                          },
                          {
                            "version_value": "iWorkflow 2.3.0"
                          },
                          {
                            "version_value": "Enterprise Manager 3.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files (via scp, for example) can escalate their privileges to allow root shell access from within the TMOS Shell (tmsh) interface. The tmsh interface allows users to execute a secondary program via tools like sftp or scp."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Privilege Escalation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K40378764",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K40378764"
            },
            {
              "name": "https://support.f5.com/csp/article/K40378764?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K40378764?utm_source=f5support\u0026amp;utm_medium=RSS"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2019-6642",
    "datePublished": "2019-07-01T20:21:01",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.538Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-22837

CVE-2019-6642 (GCVE-0-2019-6642)

Tags

Sightings

Nomenclature