Description
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, internal methods used to prevent arbitrary file overwrites in Appliance Mode were not fully effective. An authenticated attacker with a high privilege level may be able to bypass protections implemented in appliance mode to overwrite arbitrary system files.
Published: 2019-05-03
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2019-16173 On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, internal methods used to prevent arbitrary file overwrites in Appliance Mode were not fully effective. An authenticated attacker with a high privilege level may be able to bypass protections implemented in appliance mode to overwrite arbitrary system files.
History

No history.

Subscriptions

F5 Big-ip Access Policy Manager Big-ip Advanced Firewall Manager Big-ip Analytics Big-ip Application Acceleration Manager Big-ip Application Security Manager Big-ip Domain Name System Big-ip Edge Gateway Big-ip Fraud Protection Service Big-ip Global Traffic Manager Big-ip Link Controller Big-ip Local Traffic Manager Big-ip Policy Enforcement Manager Big-ip Webaccelerator
cve-icon MITRE

Status: PUBLISHED

Assigner: f5

Published:

Updated: 2024-08-04T20:23:22.086Z

Reserved: 2019-01-22T00:00:00.000Z

Link: CVE-2019-6614

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-05-03T20:29:01.437

Modified: 2024-11-21T04:46:48.583

Link: CVE-2019-6614

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses