CVE-2012-2053

CWE-2643 documents3 sources

Severity

7.2HIGH

EPSS

0.0%

top 85.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F5 Firepass

Timeline

PublishedApr 5

Latest updateMay 17

Description

The sudoers file in the Linux system configuration in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing commands as root, which allows local users to gain privileges via the sudo program, as demonstrated by the user account that executes PHP scripts, a different vulnerability than CVE-2012-1777.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDf5/firepass6.0, 6.1.0, 7.0.0+2

🔴Vulnerability Details

GHSA

GHSA-q9xm-p27h-h3gp: The sudoers file in the Linux system configuration in F5 FirePass 6↗2022-05-17

▶

CVEList

CVE-2012-2053: The sudoers file in the Linux system configuration in F5 FirePass 6↗2012-04-04

▶