var-201807-2205
Vulnerability from variot
On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up. plural F5 The product contains vulnerabilities related to authorization, permissions, and access control.Information may be obtained. F5 BIG-IP big3d Process is prone to a local privilege escalation vulnerability. Local attackers may exploit this issue to gain elevated privileges. F5 BIG-IP and so on are all products of F5 Company in the United States. F5 BIG-IP is an all-in-one network device that integrates functions such as network traffic management, application security management, and load balancing. Enterprise Manager is a tool that provides visibility into the entire BIG-IP application delivery infrastructure and optimizes application performance. Security flaws exist in several F5 products. The vulnerability stems from the fact that the big3d process does not remove elevated group privileges at startup
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201807-2205",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "big-iq cloud and orchestration",
"scope": "eq",
"trust": 1.8,
"vendor": "f5",
"version": "1.0.0"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-iq centralized management",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "5.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "big-iq centralized management",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "5.0.0"
},
{
"model": "iworkflow",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "2.3.0"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.3.3"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.6"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3.1"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "iworkflow",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "2.1.0"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.3.3"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.6"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3.1"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.5.1 to 11.5.6"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.6.0 to 11.6.3.1"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "12.1.0 to 12.1.3.3"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0 to 13.0.1"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.5.1 to 11.5.6"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.6.0 to 11.6.3.1"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "12.1.0 to 12.1.3.3"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0 to 13.0.1"
},
{
"model": "big-iq centralized management",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "5.0.0 to 5.1.0"
},
{
"model": "enterprise manager software",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "iworkflow",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "2.1.0 to 2.3.0"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.6,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.6,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.6,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.6,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.6,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.6,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.6,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.6,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.6,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.6,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-iq centralized management",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.1"
},
{
"model": "big-iq centralized management",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.6"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0.1"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.6"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-iq centralized management",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "5.2"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.7"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "13.1"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.7"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.3.4"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3.2"
}
],
"sources": [
{
"db": "BID",
"id": "104920"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008257"
},
{
"db": "NVD",
"id": "CVE-2018-5540"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1552"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.3.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.3.1",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.5.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.3.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.3.1",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5.6",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.1.0",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:f5_iworkflow:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.0",
"versionStartIncluding": "2.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5540"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "104920"
}
],
"trust": 0.3
},
"cve": "CVE-2018-5540",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-5540",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-135571",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.4,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-5540",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5540",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1552",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-135571",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135571"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008257"
},
{
"db": "NVD",
"id": "CVE-2018-5540"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1552"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up. plural F5 The product contains vulnerabilities related to authorization, permissions, and access control.Information may be obtained. F5 BIG-IP big3d Process is prone to a local privilege escalation vulnerability. \nLocal attackers may exploit this issue to gain elevated privileges. F5 BIG-IP and so on are all products of F5 Company in the United States. F5 BIG-IP is an all-in-one network device that integrates functions such as network traffic management, application security management, and load balancing. Enterprise Manager is a tool that provides visibility into the entire BIG-IP application delivery infrastructure and optimizes application performance. Security flaws exist in several F5 products. The vulnerability stems from the fact that the big3d process does not remove elevated group privileges at startup",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5540"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008257"
},
{
"db": "BID",
"id": "104920"
},
{
"db": "VULHUB",
"id": "VHN-135571"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5540",
"trust": 2.8
},
{
"db": "BID",
"id": "104920",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1041341",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1041340",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008257",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1552",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-135571",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135571"
},
{
"db": "BID",
"id": "104920"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008257"
},
{
"db": "NVD",
"id": "CVE-2018-5540"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1552"
}
]
},
"id": "VAR-201807-2205",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-135571"
}
],
"trust": 0.48214287
},
"last_update_date": "2023-12-18T13:13:46.260000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "K82038789",
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k82038789"
},
{
"title": "Multiple F5 Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=84105"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008257"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1552"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135571"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008257"
},
{
"db": "NVD",
"id": "CVE-2018-5540"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://support.f5.com/csp/article/k82038789"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104920"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1041340"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1041341"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5540"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5540"
},
{
"trust": 0.3,
"url": "http://www.f5.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135571"
},
{
"db": "BID",
"id": "104920"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008257"
},
{
"db": "NVD",
"id": "CVE-2018-5540"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1552"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-135571"
},
{
"db": "BID",
"id": "104920"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008257"
},
{
"db": "NVD",
"id": "CVE-2018-5540"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1552"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-19T00:00:00",
"db": "VULHUB",
"id": "VHN-135571"
},
{
"date": "2018-07-19T00:00:00",
"db": "BID",
"id": "104920"
},
{
"date": "2018-10-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008257"
},
{
"date": "2018-07-19T14:29:00.730000",
"db": "NVD",
"id": "CVE-2018-5540"
},
{
"date": "2018-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1552"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-135571"
},
{
"date": "2018-07-19T00:00:00",
"db": "BID",
"id": "104920"
},
{
"date": "2018-10-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008257"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-5540"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1552"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "104920"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1552"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural F5 Vulnerabilities related to authorization, authority, and access control in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008257"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1552"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.