Lucene search
HistoryJun 30, 2016 - 5:59 p.m.
CVE-2016-5020
f5
big-ip
cve-2016-5020
vulnerability
privilege escalation
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
9 High
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
68.4%
F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script.
Affected configurations
Node
f5big-ip_wan_optimization_managerMatch10.2.1
ORf5big-ip_wan_optimization_managerMatch10.2.2
ORf5big-ip_wan_optimization_managerMatch10.2.3
ORf5big-ip_wan_optimization_managerMatch10.2.4
ORf5big-ip_wan_optimization_managerMatch11.2.1
Node
f5big-ip_protocol_security_moduleMatch10.2.1
ORf5big-ip_protocol_security_moduleMatch10.2.2
ORf5big-ip_protocol_security_moduleMatch10.2.3
ORf5big-ip_protocol_security_moduleMatch10.2.4
ORf5big-ip_protocol_security_moduleMatch11.4.0
ORf5big-ip_protocol_security_moduleMatch11.4.1
Node
f5big-ip_application_acceleration_managerMatch11.4.0
ORf5big-ip_application_acceleration_managerMatch11.4.1
ORf5big-ip_application_acceleration_managerMatch11.5.0
ORf5big-ip_application_acceleration_managerMatch11.5.1
ORf5big-ip_application_acceleration_managerMatch11.5.2
ORf5big-ip_application_acceleration_managerMatch11.5.3
ORf5big-ip_application_acceleration_managerMatch11.5.4
ORf5big-ip_application_acceleration_managerMatch11.6.0
ORf5big-ip_application_acceleration_managerMatch11.6.1
ORf5big-ip_application_acceleration_managerMatch12.0.0
ORf5big-ip_application_acceleration_managerMatch12.1.0
Node
f5big-ip_edge_gatewayMatch10.2.1
ORf5big-ip_edge_gatewayMatch10.2.2
ORf5big-ip_edge_gatewayMatch10.2.3
ORf5big-ip_edge_gatewayMatch10.2.4
ORf5big-ip_edge_gatewayMatch11.2.1
Node
f5big-ip_webacceleratorMatch10.2.1
ORf5big-ip_webacceleratorMatch10.2.2
ORf5big-ip_webacceleratorMatch10.2.3
ORf5big-ip_webacceleratorMatch10.2.4
ORf5big-ip_webacceleratorMatch11.2.1
Node
f5big-ip_domain_name_systemMatch12.0.0
Node
f5big-ip_access_policy_managerMatch11.6.0
ORf5big-ip_analyticsMatch11.2.1
ORf5big-ip_analyticsMatch11.4.0
ORf5big-ip_analyticsMatch11.4.1
ORf5big-ip_analyticsMatch11.5.0
ORf5big-ip_analyticsMatch11.5.1
ORf5big-ip_analyticsMatch11.5.2
ORf5big-ip_analyticsMatch11.5.3
ORf5big-ip_analyticsMatch11.5.4
ORf5big-ip_analyticsMatch11.6.0
ORf5big-ip_analyticsMatch11.6.1
ORf5big-ip_analyticsMatch12.0.0
Node
f5big-ip_access_policy_managerMatch10.2.1
ORf5big-ip_access_policy_managerMatch10.2.2
ORf5big-ip_access_policy_managerMatch10.2.3
ORf5big-ip_access_policy_managerMatch10.2.4
ORf5big-ip_access_policy_managerMatch11.2.1
ORf5big-ip_access_policy_managerMatch11.4.0
ORf5big-ip_access_policy_managerMatch11.4.1
ORf5big-ip_access_policy_managerMatch11.5.0
ORf5big-ip_access_policy_managerMatch11.5.1
ORf5big-ip_access_policy_managerMatch11.5.2
ORf5big-ip_access_policy_managerMatch11.5.3
ORf5big-ip_access_policy_managerMatch11.5.4
ORf5big-ip_access_policy_managerMatch11.6.0
ORf5big-ip_access_policy_managerMatch11.6.1
ORf5big-ip_access_policy_managerMatch12.0.0
Node
f5big-ip_link_controllerMatch10.2.1
ORf5big-ip_link_controllerMatch10.2.2
ORf5big-ip_link_controllerMatch10.2.3
ORf5big-ip_link_controllerMatch10.2.4
ORf5big-ip_link_controllerMatch11.2.1
ORf5big-ip_link_controllerMatch11.4.0
ORf5big-ip_link_controllerMatch11.4.1
ORf5big-ip_link_controllerMatch11.5.0
ORf5big-ip_link_controllerMatch11.5.1
ORf5big-ip_link_controllerMatch11.5.2
ORf5big-ip_link_controllerMatch11.5.3
ORf5big-ip_link_controllerMatch11.5.4
ORf5big-ip_link_controllerMatch11.6.0
ORf5big-ip_link_controllerMatch11.6.1
ORf5big-ip_link_controllerMatch12.0.0
Node
f5big-ip_local_traffic_managerMatch10.2.1
ORf5big-ip_local_traffic_managerMatch10.2.2
ORf5big-ip_local_traffic_managerMatch10.2.3
ORf5big-ip_local_traffic_managerMatch10.2.4
ORf5big-ip_local_traffic_managerMatch11.2.1
ORf5big-ip_local_traffic_managerMatch11.4.0
ORf5big-ip_local_traffic_managerMatch11.4.1
ORf5big-ip_local_traffic_managerMatch11.5.0
ORf5big-ip_local_traffic_managerMatch11.5.1
ORf5big-ip_local_traffic_managerMatch11.5.2
ORf5big-ip_local_traffic_managerMatch11.5.3
ORf5big-ip_local_traffic_managerMatch11.5.4
ORf5big-ip_local_traffic_managerMatch11.6.0
ORf5big-ip_local_traffic_managerMatch11.6.1
ORf5big-ip_local_traffic_managerMatch12.0.0
Node
f5big-ip_advanced_firewall_managerMatch11.4.0
ORf5big-ip_advanced_firewall_managerMatch11.4.1
ORf5big-ip_advanced_firewall_managerMatch11.5.0
ORf5big-ip_advanced_firewall_managerMatch11.5.1
ORf5big-ip_advanced_firewall_managerMatch11.5.2
ORf5big-ip_advanced_firewall_managerMatch11.5.3
ORf5big-ip_advanced_firewall_managerMatch11.5.4
ORf5big-ip_advanced_firewall_managerMatch11.6.0
ORf5big-ip_advanced_firewall_managerMatch11.6.1
ORf5big-ip_advanced_firewall_managerMatch12.0.0
Node
f5big-ip_policy_enforcement_managerMatch11.4.0
ORf5big-ip_policy_enforcement_managerMatch11.4.1
ORf5big-ip_policy_enforcement_managerMatch11.5.0
ORf5big-ip_policy_enforcement_managerMatch11.5.1
ORf5big-ip_policy_enforcement_managerMatch11.5.2
ORf5big-ip_policy_enforcement_managerMatch11.5.3
ORf5big-ip_policy_enforcement_managerMatch11.5.4
ORf5big-ip_policy_enforcement_managerMatch11.6.0
ORf5big-ip_policy_enforcement_managerMatch11.6.1
ORf5big-ip_policy_enforcement_managerMatch12.0.0
ORf5big-ip_protocol_security_moduleMatch11.3.0
Node
f5big-ip_global_traffic_managerMatch10.2.1
ORf5big-ip_global_traffic_managerMatch10.2.2
ORf5big-ip_global_traffic_managerMatch10.2.3
ORf5big-ip_global_traffic_managerMatch10.2.4
ORf5big-ip_global_traffic_managerMatch11.2.1
ORf5big-ip_global_traffic_managerMatch11.4.0
ORf5big-ip_global_traffic_managerMatch11.4.1
ORf5big-ip_global_traffic_managerMatch11.5.0
ORf5big-ip_global_traffic_managerMatch11.5.1
ORf5big-ip_global_traffic_managerMatch11.5.2
ORf5big-ip_global_traffic_managerMatch11.5.3
ORf5big-ip_global_traffic_managerMatch11.5.4
ORf5big-ip_global_traffic_managerMatch11.6.0
ORf5big-ip_global_traffic_managerMatch11.6.1
Node
f5big-ip_application_security_managerMatch10.2.1
ORf5big-ip_application_security_managerMatch10.2.2
ORf5big-ip_application_security_managerMatch10.2.3
ORf5big-ip_application_security_managerMatch10.2.4
ORf5big-ip_application_security_managerMatch11.2.1
ORf5big-ip_application_security_managerMatch11.4.0
ORf5big-ip_application_security_managerMatch11.4.1
ORf5big-ip_application_security_managerMatch11.5.0
ORf5big-ip_application_security_managerMatch11.5.1
ORf5big-ip_application_security_managerMatch11.5.2
ORf5big-ip_application_security_managerMatch11.5.3
ORf5big-ip_application_security_managerMatch11.5.4
ORf5big-ip_application_security_managerMatch11.6.0
ORf5big-ip_application_security_managerMatch11.6.1
ORf5big-ip_application_security_managerMatch12.0.0
Related
f5
f5
K00265182 : Custom monitor privilege escalation vulnerability CVE-2016-5020
2016-06-08 00:00:00
nvd
nvd
CVE-2016-5020
2016-06-30 17:59:08
openvas
openvas
F5 BIG-IP - Custom monitor privilege escalation vulnerability CVE-2016-5020
2016-06-13 00:00:00
nessus
nessus
cvelist
cvelist
CVE-2016-5020
2016-06-30 17:00:00
prion
prion
Code injection
2016-06-30 17:59:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
9 High
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
68.4%
Related for CVE-2016-5020