CVE-2018-5523
N/A
N/A
Summary
On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| F5 Networks, Inc. | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, 11.2.1 | affected |
| F5 Networks, Inc. | Enterprise Manager | 3.1.1 | affected |
Weaknesses
- Privilege Escalation
ADP Enrichment
CVE Program Container
Additional References
- https://support.f5.com/csp/article/K50254952
- http://www.securitytracker.com/id/1041023
- http://www.securitytracker.com/id/1041022
References
- https://support.f5.com/csp/article/K50254952
- http://www.securitytracker.com/id/1041023
- http://www.securitytracker.com/id/1041022
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.