CVE-2018-5520
published 2018-05-02CVE-2018-5520: On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative…
medium4.4CVSS 3.0
AVNACHPRHUINSUCHINAN
On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative user to use the dig utility to gain unauthorized access to file system resources.
Affected
52 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-ip_aam | — | — |
| f5 | big-ip_access_policy_manager | 11.2.1 – 11.6.3 | — |
| f5 | big-ip_access_policy_manager | 12.1.0 – 12.1.3 | — |
| f5 | big-ip_access_policy_manager | 13.0.0 – 13.1.0 | — |
| f5 | big-ip_advanced_firewall_manager | 11.2.1 – 11.6.3 | — |
| f5 | big-ip_advanced_firewall_manager | 12.1.0 – 12.1.3 | — |
| f5 | big-ip_advanced_firewall_manager | 13.0.0 – 13.1.0 | — |
| f5 | big-ip_afm | — | — |
| f5 | big-ip_analytics | — | — |
| f5 | big-ip_analytics | 11.2.1 – 11.6.3 | — |
| f5 | big-ip_analytics | 12.1.0 – 12.1.3 | — |
| f5 | big-ip_analytics | 13.0.0 – 13.1.0 | — |
| f5 | big-ip_apm | — | — |
| f5 | big-ip_application_acceleration_manager | 11.2.1 – 11.6.3 | — |
| f5 | big-ip_application_acceleration_manager | 12.1.0 – 12.1.3 | — |
| f5 | big-ip_application_acceleration_manager | 13.0.0 – 13.1.0 | — |
| f5 | big-ip_application_security_manager | 11.2.1 – 11.6.3 | — |
| f5 | big-ip_application_security_manager | 12.1.0 – 12.1.3 | — |
| f5 | big-ip_application_security_manager | 13.0.0 – 13.1.0 | — |
| f5 | big-ip_asm | — | — |
| f5 | big-ip_dns | — | — |
| f5 | big-ip_domain_name_system | 11.2.1 – 11.6.3 | — |
| f5 | big-ip_domain_name_system | 12.1.0 – 12.1.3 | — |
| f5 | big-ip_domain_name_system | 13.0.0 – 13.1.0 | — |
| f5 | big-ip_edge_gateway | — | — |