CVE-2022-41835
published 2022-10-19CVE-2022-41835: In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.5.0, excessive file permissions in F5OS allows an authenticated local attacker to execute…
high8.8CVSS 3.1
AVLACLPRLUINSCCHIHAH
In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.5.0, excessive file permissions in F5OS allows an authenticated local attacker to execute limited set of commands in a container and impact the F5OS controller.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | f5os | — | — |
| f5 | f5os-a | — | — |
| f5 | f5os-a | >= 1.0.0 < 1.1.0 | 1.1.0 |
| f5 | f5os-a | >= 1.x < 1.1.0 | 1.1.0 |
| f5 | f5os-c | < 1.5.0 | 1.5.0 |
| f5 | f5os-c | — | — |
| f5 | f5os-c | >= 1.x < 1.5.0 | 1.5.0 |