cbcvebase.
CVE-2019-6618
published 2019-05-03

CVE-2019-6618: On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, users with the Resource Administrator role can modify sensitive…

medium4.9CVSS 3.0
AVNACLPRHUINSUCNIHAN
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, users with the Resource Administrator role can modify sensitive portions of the filesystem if provided Advanced Shell Access, such as editing /etc/passwd. This allows modifications to user objects and is contrary to our definition for the Resource Administrator (RA) role restrictions.

Affected

78 ranges· showing 25
VendorProductVersion rangeFixed in
f5big-ip_aam
f5big-ip_access_policy_manager11.5.2 – 11.5.8
f5big-ip_access_policy_manager11.6.1 – 11.6.3.4
f5big-ip_access_policy_manager12.1.0 – 12.1.4
f5big-ip_access_policy_manager13.0.0 – 13.1.1.4
f5big-ip_access_policy_manager14.0.0 – 14.1.0.1
f5big-ip_advanced_firewall_manager11.5.2 – 11.5.8
f5big-ip_advanced_firewall_manager11.6.1 – 11.6.3.4
f5big-ip_advanced_firewall_manager12.1.0 – 12.1.4
f5big-ip_advanced_firewall_manager13.0.0 – 13.1.1.4
f5big-ip_advanced_firewall_manager14.0.0 – 14.1.0.1
f5big-ip_afm
f5big-ip_analytics
f5big-ip_analytics11.5.2 – 11.5.8
f5big-ip_analytics11.6.1 – 11.6.3.4
f5big-ip_analytics12.1.0 – 12.1.4
f5big-ip_analytics13.0.0 – 13.1.1.4
f5big-ip_analytics14.0.0 – 14.1.0.1
f5big-ip_apm
f5big-ip_application_acceleration_manager11.5.2 – 11.5.8
f5big-ip_application_acceleration_manager11.6.1 – 11.6.3.4
f5big-ip_application_acceleration_manager12.1.0 – 12.1.4
f5big-ip_application_acceleration_manager13.0.0 – 13.1.1.4
f5big-ip_application_acceleration_manager14.0.0 – 14.1.0.1
f5big-ip_application_security_manager11.5.2 – 11.5.8