CVE-2018-15332

Summary

The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition.

Affected Software

VendorProductVersion RangeStatus
F5 Networks, Inc.BIG-IP (APM), BIG-IP APM Clients, BIG-IP Edge ClientAPM Client 7.1.5 - 7.1.7.1, Edge Client 7101 - 7150affected

Weaknesses

  • Privilege Escalation

ADP Enrichment

CVE Program Container

Additional References

References