Description
On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of undisclosed methods can exploit the ssldump utility to write to arbitrary file paths. For users who do not have Advanced Shell access (for example, any user when licensed for Appliance Mode), this allows more permissive file access than intended.
Published: 2018-05-02
Score: 4.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2018-17288 On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of undisclosed methods can exploit the ssldump utility to write to arbitrary file paths. For users who do not have Advanced Shell access (for example, any user when licensed for Appliance Mode), this allows more permissive file access than intended.
History

No history.

Subscriptions

F5 Big-ip Access Policy Manager Big-ip Advanced Firewall Manager Big-ip Analytics Big-ip Application Acceleration Manager Big-ip Application Security Manager Big-ip Domain Name System Big-ip Edge Gateway Big-ip Global Traffic Manager Big-ip Link Controller Big-ip Local Traffic Manager Big-ip Policy Enforcement Manager Big-ip Webaccelerator Big-ip Websafe
cve-icon MITRE

Status: PUBLISHED

Assigner: f5

Published:

Updated: 2024-09-16T22:51:17.364Z

Reserved: 2018-01-12T00:00:00.000Z

Link: CVE-2018-5519

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-05-02T13:29:00.803

Modified: 2024-11-21T04:08:58.890

Link: CVE-2018-5519

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses