cvelistv5 - cve-2018-5529

CVE-2018-5529 (GCVE-0-2018-5529)

Vulnerability from cvelistv5 – Published: 2018-07-12 18:00 – Updated: 2024-09-16 18:55

Summary

Severity ?

No CVSS data available.

CWE

Privilege Escalation

Assigner

References

URL

Tags

	http://www.securityfocus.com/bid/104730	vdb-entryx_refsource_BID
	https://support.f5.com/csp/article/K52171282	x_refsource_CONFIRM
	https://github.com/mirchr/security-research/blob/…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	F5 Networks, Inc.	BIG-IP APM client for Linux and Mac OSX	Affected: prior to version 7.1.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:40:50.672Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "104730",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104730"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K52171282"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP APM client for Linux and Mac OSX",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "prior to version 7.1.7"
            }
          ]
        }
      ],
      "datePublic": "2018-07-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Privilege Escalation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-24T16:55:50",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "name": "104730",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104730"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K52171282"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "DATE_PUBLIC": "2018-07-12T00:00:00",
          "ID": "CVE-2018-5529",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP APM client for Linux and Mac OSX",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "prior to version 7.1.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Privilege Escalation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "104730",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104730"
            },
            {
              "name": "https://support.f5.com/csp/article/K52171282",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K52171282"
            },
            {
              "name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt",
              "refsource": "MISC",
              "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2018-5529",
    "datePublished": "2018-07-12T18:00:00Z",
    "dateReserved": "2018-01-12T00:00:00",
    "dateUpdated": "2024-09-16T18:55:42.284Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:clients:*:*:*\", \"versionStartIncluding\": \"7.1.5\", \"versionEndIncluding\": \"7.1.6.1\", \"matchCriteriaId\": \"33F1989D-47D6-4F0D-AD4B-A44BB662030C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.5.1\", \"versionEndIncluding\": \"11.5.6\", \"matchCriteriaId\": \"4DE7E7F2-2026-4407-8F0E-168DE0D4F935\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.3\", \"matchCriteriaId\": \"6BB42D3A-71EE-4367-9F65-86404D74E59D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.0.0\", \"versionEndIncluding\": \"13.1.0\", \"matchCriteriaId\": \"3331F4E7-A17F-41E2-B3FD-0F212626858D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_edge:*:*:*:*:clients:*:*:*\", \"versionStartIncluding\": \"7101\", \"versionEndIncluding\": \"7150\", \"matchCriteriaId\": \"8ECC3A05-0B24-4008-AA32-6AD8A942D7B7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service.\"}, {\"lang\": \"es\", \"value\": \"El componente svpn del cliente F5 BIG-IP APM en versiones anteriores a la 7.1.7 para Linux y Mac OS X se ejecuta como proceso privilegiado y puede permitir que un usuario sin privilegios asuma privilegios de superusuario en el host del cliente local. Un usuario local malicioso no privilegiado podr\\u00eda obtener conocimientos de informaci\\u00f3n sensible, manipular ciertos datos o interrumpir el servicio.\"}]",
      "id": "CVE-2018-5529",
      "lastModified": "2024-11-21T04:09:00.290",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-07-12T18:29:00.577",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/104730\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt\", \"source\": \"f5sirt@f5.com\"}, {\"url\": \"https://support.f5.com/csp/article/K52171282\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/104730\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.f5.com/csp/article/K52171282\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "f5sirt@f5.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-5529\",\"sourceIdentifier\":\"f5sirt@f5.com\",\"published\":\"2018-07-12T18:29:00.577\",\"lastModified\":\"2024-11-21T04:09:00.290\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service.\"},{\"lang\":\"es\",\"value\":\"El componente svpn del cliente F5 BIG-IP APM en versiones anteriores a la 7.1.7 para Linux y Mac OS X se ejecuta como proceso privilegiado y puede permitir que un usuario sin privilegios asuma privilegios de superusuario en el host del cliente local. Un usuario local malicioso no privilegiado podr\u00eda obtener conocimientos de informaci\u00f3n sensible, manipular ciertos datos o interrumpir el servicio.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:clients:*:*:*\",\"versionStartIncluding\":\"7.1.5\",\"versionEndIncluding\":\"7.1.6.1\",\"matchCriteriaId\":\"33F1989D-47D6-4F0D-AD4B-A44BB662030C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.1\",\"versionEndIncluding\":\"11.5.6\",\"matchCriteriaId\":\"4DE7E7F2-2026-4407-8F0E-168DE0D4F935\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.3\",\"matchCriteriaId\":\"6BB42D3A-71EE-4367-9F65-86404D74E59D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.0.0\",\"versionEndIncluding\":\"13.1.0\",\"matchCriteriaId\":\"3331F4E7-A17F-41E2-B3FD-0F212626858D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge:*:*:*:*:clients:*:*:*\",\"versionStartIncluding\":\"7101\",\"versionEndIncluding\":\"7150\",\"matchCriteriaId\":\"8ECC3A05-0B24-4008-AA32-6AD8A942D7B7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/104730\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt\",\"source\":\"f5sirt@f5.com\"},{\"url\":\"https://support.f5.com/csp/article/K52171282\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104730\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.f5.com/csp/article/K52171282\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

VAR-201807-2198

Vulnerability from variot - Updated: 2023-12-18 12:56

The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service. F5 BIG-IP APM client Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. F5 BIG-IP APM Client is prone to a local privilege escalation vulnerability. Local attackers may exploit this issue to gain elevated privileges. The software primarily provides unified access to business-critical applications and networks. svpn is one of the VPN components. policyserver is one of the policy servers. There are security vulnerabilities in the svpn and policyserver components of F5 BIG-IP APM client versions earlier than 7.1.7.1 based on Linux and macOS platforms

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201807-2198",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "big-ip access policy manager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "f5",
        "version": "7.1.5"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "f5",
        "version": "11.5.1"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "f5",
        "version": "12.1.3"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "f5",
        "version": "12.1.0"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "f5",
        "version": "11.5.6"
      },
      {
        "model": "big-ip edge",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "f5",
        "version": "7101"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "f5",
        "version": "13.0.0"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "f5",
        "version": "7.1.6.1"
      },
      {
        "model": "big-ip edge",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "f5",
        "version": "7150"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "f5",
        "version": "13.1.0"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "f5",
        "version": "11.5.1 to  11.5.6"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "f5",
        "version": "12.1.0 to  12.1.3"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "f5",
        "version": "13.0.0 to  13.1.0"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "f5",
        "version": "clients 7.1.5 to  7.1.6.1"
      },
      {
        "model": "big-ip edge client",
        "scope": null,
        "trust": 0.8,
        "vendor": "f5",
        "version": null
      },
      {
        "model": "big-ip access policy manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "f5",
        "version": "12.1.0"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "f5",
        "version": "11.5.2"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "f5",
        "version": "12.1.1"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "f5",
        "version": "11.5.4"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "f5",
        "version": "11.5.3"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "f5",
        "version": "11.5.1"
      },
      {
        "model": "big-ip access policy manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "f5",
        "version": "11.5.5"
      },
      {
        "model": "big-ip edge client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "7150"
      },
      {
        "model": "big-ip edge client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "7101"
      },
      {
        "model": "big-ip apm clients",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "7.1.5"
      },
      {
        "model": "big-ip apm clients",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "7.1.6.1"
      },
      {
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "13.1"
      },
      {
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "13.0"
      },
      {
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "12.1.3"
      },
      {
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "12.1.2"
      },
      {
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "12.1.1"
      },
      {
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.6"
      },
      {
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.5"
      },
      {
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.3"
      },
      {
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.2"
      },
      {
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.1"
      },
      {
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "12.1.0"
      },
      {
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.4"
      },
      {
        "model": "big-ip apm clients",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "7.1.7"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "104730"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007937"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5529"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-1120"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.0",
                    "versionStartIncluding": "13.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "12.1.3",
                    "versionStartIncluding": "12.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "11.5.6",
                    "versionStartIncluding": "11.5.1",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge:*:*:*:*:clients:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "7150",
                    "versionStartIncluding": "7101",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:clients:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "7.1.6.1",
                    "versionStartIncluding": "7.1.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-5529"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rich Mirch",
    "sources": [
      {
        "db": "BID",
        "id": "104730"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-5529",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 4.6,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2018-5529",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-135577",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-135560",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-5529",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-5529",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201807-1120",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-135577",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-135560",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-5529",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-135577"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135560"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5529"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007937"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5529"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-1120"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service. F5 BIG-IP APM client Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. F5 BIG-IP APM Client is prone to a local privilege escalation vulnerability. \nLocal attackers may exploit this issue to gain elevated privileges. The software primarily provides unified access to business-critical applications and networks. svpn is one of the VPN components. policyserver is one of the policy servers. There are security vulnerabilities in the svpn and policyserver components of F5 BIG-IP APM client versions earlier than 7.1.7.1 based on Linux and macOS platforms",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-5529"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007937"
      },
      {
        "db": "BID",
        "id": "104730"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135577"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135560"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5529"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-5529",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "104730",
        "trust": 2.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007937",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-1120",
        "trust": 0.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-560",
        "trust": 0.1
      },
      {
        "db": "SECTRACK",
        "id": "1041510",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-135577",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-135560",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5529",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-135577"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135560"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5529"
      },
      {
        "db": "BID",
        "id": "104730"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007937"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5529"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-1120"
      }
    ]
  },
  "id": "VAR-201807-2198",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-135577"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135560"
      }
    ],
    "trust": 0.64448256
  },
  "last_update_date": "2023-12-18T12:56:50.254000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "K52171282",
        "trust": 0.8,
        "url": "https://support.f5.com/csp/article/k52171282"
      },
      {
        "title": "F5 BIG-IP APM client svpn Fixes for component security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82125"
      },
      {
        "title": "security-research",
        "trust": 0.1,
        "url": "https://github.com/mirchr/security-research "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-5529"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007937"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-1120"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.0
      },
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-732",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-135577"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135560"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007937"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5529"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://www.securityfocus.com/bid/104730"
      },
      {
        "trust": 2.1,
        "url": "https://support.f5.com/csp/article/k52171282"
      },
      {
        "trust": 1.9,
        "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/f5/cve-2018-5529.txt"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5529"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5529"
      },
      {
        "trust": 0.3,
        "url": "http://www.f5.com/"
      },
      {
        "trust": 0.1,
        "url": "https://support.f5.com/csp/article/k54431371"
      },
      {
        "trust": 0.1,
        "url": "http://www.securitytracker.com/id/1041510"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/mirchr/security-research"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-135577"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135560"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5529"
      },
      {
        "db": "BID",
        "id": "104730"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007937"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5529"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-1120"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-135577"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135560"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5529"
      },
      {
        "db": "BID",
        "id": "104730"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007937"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5529"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-1120"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-08-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-135577"
      },
      {
        "date": "2018-07-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-135560"
      },
      {
        "date": "2018-07-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-5529"
      },
      {
        "date": "2018-07-12T00:00:00",
        "db": "BID",
        "id": "104730"
      },
      {
        "date": "2018-10-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-007937"
      },
      {
        "date": "2018-07-12T18:29:00.577000",
        "db": "NVD",
        "id": "CVE-2018-5529"
      },
      {
        "date": "2018-07-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201807-1120"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-135577"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-135560"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-5529"
      },
      {
        "date": "2018-07-12T00:00:00",
        "db": "BID",
        "id": "104730"
      },
      {
        "date": "2018-10-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-007937"
      },
      {
        "date": "2019-10-03T00:03:26.223000",
        "db": "NVD",
        "id": "CVE-2018-5529"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201807-1120"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "104730"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-1120"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "F5 BIG-IP APM client Vulnerabilities related to authorization, permissions, and access control",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007937"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control issues",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-1120"
      }
    ],
    "trust": 0.6
  }
}

GSD-2018-5529

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-5529

Aliases

CVE-2018-5529

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-5529",
    "description": "The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service.",
    "id": "GSD-2018-5529"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-5529"
      ],
      "details": "The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service.",
      "id": "GSD-2018-5529",
      "modified": "2023-12-13T01:22:40.638174Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "f5sirt@f5.com",
        "DATE_PUBLIC": "2018-07-12T00:00:00",
        "ID": "CVE-2018-5529",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "BIG-IP APM client for Linux and Mac OSX",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "prior to version 7.1.7"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "F5 Networks, Inc."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Privilege Escalation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "104730",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/104730"
          },
          {
            "name": "https://support.f5.com/csp/article/K52171282",
            "refsource": "CONFIRM",
            "url": "https://support.f5.com/csp/article/K52171282"
          },
          {
            "name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt",
            "refsource": "MISC",
            "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.0",
                    "versionStartIncluding": "13.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "12.1.3",
                    "versionStartIncluding": "12.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "11.5.6",
                    "versionStartIncluding": "11.5.1",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge:*:*:*:*:clients:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "7150",
                    "versionStartIncluding": "7101",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:clients:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "7.1.6.1",
                    "versionStartIncluding": "7.1.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2018-5529"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K52171282",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.f5.com/csp/article/K52171282"
            },
            {
              "name": "104730",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/104730"
            },
            {
              "name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt",
              "refsource": "MISC",
              "tags": [],
              "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2018-07-12T18:29Z"
    }
  }
}

CNVD-2018-20569

Vulnerability from cnvd - Published: 2018-10-11

Title

F5 BIG-IP APM client svpn组件设计漏洞

Description

F5 BIG-IP APM client是美国F5公司的一套访问和安全解决方案中的客户端软件。该软件主要提供统一访问关键业务应用和网络的功能。svpn component是其中的一个VPN组件。基于Linux和Mac OS X平台的F5 BIG-IP APM client 7.1.7之前版本中的svpn组件存在安全漏洞。本地攻击者可利用该漏洞获取敏感信息，操纵数据或中断服务。

Severity

中

Patch Name

F5 BIG-IP APM client svpn组件设计漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://support.f5.com/csp/article/K52171282

Reference

https://support.f5.com/csp/article/K52171282

Impacted products

Name
F5 BIG-IP APM client(for Linux and Mac OS X ) <7.1.7

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-5529"
    }
  },
  "description": "F5 BIG-IP APM client\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4e00\u5957\u8bbf\u95ee\u548c\u5b89\u5168\u89e3\u51b3\u65b9\u6848\u4e2d\u7684\u5ba2\u6237\u7aef\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u4e3b\u8981\u63d0\u4f9b\u7edf\u4e00\u8bbf\u95ee\u5173\u952e\u4e1a\u52a1\u5e94\u7528\u548c\u7f51\u7edc\u7684\u529f\u80fd\u3002svpn component\u662f\u5176\u4e2d\u7684\u4e00\u4e2aVPN\u7ec4\u4ef6\u3002\r\n\r\n\u57fa\u4e8eLinux\u548cMac OS X\u5e73\u53f0\u7684F5 BIG-IP APM client 7.1.7\u4e4b\u524d\u7248\u672c\u4e2d\u7684svpn\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\uff0c\u64cd\u7eb5\u6570\u636e\u6216\u4e2d\u65ad\u670d\u52a1\u3002",
  "discovererName": "Rich Mirch",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://support.f5.com/csp/article/K52171282",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-20569",
  "openTime": "2018-10-11",
  "patchDescription": "F5 BIG-IP APM client\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4e00\u5957\u8bbf\u95ee\u548c\u5b89\u5168\u89e3\u51b3\u65b9\u6848\u4e2d\u7684\u5ba2\u6237\u7aef\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u4e3b\u8981\u63d0\u4f9b\u7edf\u4e00\u8bbf\u95ee\u5173\u952e\u4e1a\u52a1\u5e94\u7528\u548c\u7f51\u7edc\u7684\u529f\u80fd\u3002svpn component\u662f\u5176\u4e2d\u7684\u4e00\u4e2aVPN\u7ec4\u4ef6\u3002\r\n\r\n\u57fa\u4e8eLinux\u548cMac OS X\u5e73\u53f0\u7684F5 BIG-IP APM client 7.1.7\u4e4b\u524d\u7248\u672c\u4e2d\u7684svpn\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\uff0c\u64cd\u7eb5\u6570\u636e\u6216\u4e2d\u65ad\u670d\u52a1\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "F5 BIG-IP APM client svpn\u7ec4\u4ef6\u8bbe\u8ba1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "F5 BIG-IP APM client(for Linux and Mac OS X ) \u003c7.1.7"
  },
  "referenceLink": "https://support.f5.com/csp/article/K52171282",
  "serverity": "\u4e2d",
  "submitTime": "2018-07-17",
  "title": "F5 BIG-IP APM client svpn\u7ec4\u4ef6\u8bbe\u8ba1\u6f0f\u6d1e"
}

FKIE_CVE-2018-5529

Vulnerability from fkie_nvd - Published: 2018-07-12 18:29 - Updated: 2024-11-21 04:09

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
f5sirt@f5.com	http://www.securityfocus.com/bid/104730	Third Party Advisory, VDB Entry
f5sirt@f5.com	https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt
f5sirt@f5.com	https://support.f5.com/csp/article/K52171282	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104730	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K52171282	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_edge	*
apple	mac_os_x	-
linux	linux_kernel	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:clients:*:*:*",
              "matchCriteriaId": "33F1989D-47D6-4F0D-AD4B-A44BB662030C",
              "versionEndIncluding": "7.1.6.1",
              "versionStartIncluding": "7.1.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DE7E7F2-2026-4407-8F0E-168DE0D4F935",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB42D3A-71EE-4367-9F65-86404D74E59D",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3331F4E7-A17F-41E2-B3FD-0F212626858D",
              "versionEndIncluding": "13.1.0",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge:*:*:*:*:clients:*:*:*",
              "matchCriteriaId": "8ECC3A05-0B24-4008-AA32-6AD8A942D7B7",
              "versionEndIncluding": "7150",
              "versionStartIncluding": "7101",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service."
    },
    {
      "lang": "es",
      "value": "El componente svpn del cliente F5 BIG-IP APM en versiones anteriores a la 7.1.7 para Linux y Mac OS X se ejecuta como proceso privilegiado y puede permitir que un usuario sin privilegios asuma privilegios de superusuario en el host del cliente local. Un usuario local malicioso no privilegiado podr\u00eda obtener conocimientos de informaci\u00f3n sensible, manipular ciertos datos o interrumpir el servicio."
    }
  ],
  "id": "CVE-2018-5529",
  "lastModified": "2024-11-21T04:09:00.290",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-07-12T18:29:00.577",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104730"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K52171282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104730"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K52171282"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-XV84-C645-853V

Vulnerability from github – Published: 2022-05-13 01:52 – Updated: 2022-05-13 01:52

Details

Severity ?

7.8 (High)


                  
                    CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-5529"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-12T18:29:00Z",
    "severity": "HIGH"
  },
  "details": "The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service.",
  "id": "GHSA-xv84-c645-853v",
  "modified": "2022-05-13T01:52:53Z",
  "published": "2022-05-13T01:52:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5529"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K52171282"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104730"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-5529 (GCVE-0-2018-5529)

VAR-201807-2198

GSD-2018-5529

CNVD-2018-20569

FKIE_CVE-2018-5529

GHSA-XV84-C645-853V

Tags

Sightings

Nomenclature