CVE-2019-6642: F5 BIG-IP Access Policy Manager vulnerability

5 documents, 5 sources
Severity: 8.8 HIGH (NVD)
EPSS: 0.6% (top 30.33%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jul 1; Latest update May 24

Description

In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files (via scp, for example) can escalate their privileges to allow root shell access from within the TMOS Shell (tmsh) interface. The tmsh interface allows users to execute a secondary program via tools like sftp or scp.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages (16 packages)

NVD: f5/big-ip_access_policy_manager, 11.5.2 to 11.6.4 (+4)
NVD: f5/big-ip_local_traffic_manager, 11.5.2 to 11.6.4 (+4)
NVD: f5/big-ip_global_traffic_manager, 11.5.2 to 11.6.4 (+4)
NVD: f5/big-ip_advanced_firewall_manager, 11.5.2 to 11.6.4 (+4)

🔴 Vulnerability Details (2)

GHSA: GHSA-g33f-4mqv-pqxc: In BIG-IP 15 (2022-05-24)
CVEList: CVE-2019-6642: In BIG-IP 15 (2019-07-01)

📋 Vendor Advisories (1)

F5: CVE-2019-6642: In BIG-IP 15 (2019-07-01)

💬 Community (1)

Bugzilla: CVE-2019-11503 snapd: remote attacker able to bypass security restriction (2019-05-03)
CVE-2019-6642 — F5 vulnerability | cvebase