CVE-2015-7393: dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0…

high7.4CVSS 3.0

AVLACHPRNUINSUCHIHAH

dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors.

Affected

95 ranges· showing 25

Vendor	Product	Version range	Fixed in
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	—	—