7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7 High
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.7%
The sudoers file in the Linux system configuration in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing commands as root, which allows local users to gain privileges via the sudo program, as demonstrated by the user account that executes PHP scripts, a different vulnerability than CVE-2012-1777.
CPE | Name | Operator | Version |
---|---|---|---|
f5:firepass | f5 firepass | eq | 6.0 |
f5:firepass | f5 firepass | eq | 6.1.0 |
f5:firepass | f5 firepass | eq | 7.0.0 |