Lucene search
F5CVELIST:CVE-2019-19151HistoryDec 23, 2019 - 6:03 p.m.
CVE-2019-19151
2019-12-2318:03:02
f5
www.cve.org
On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are able access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to access objects on the file system which would not normally be allowed.
CNA Affected
[
{
"product": "BIG-IP, BIG-IQ, iWorkflow, Enterprise Manager",
"vendor": "F5",
"versions": [
{
"status": "affected",
"version": "BIG-IP 15.0.0-15.1.0"
},
{
"status": "affected",
"version": "14.0.0-14.1.2.3"
},
{
"status": "affected",
"version": "13.1.0-13.1.3.2"
},
{
"status": "affected",
"version": "12.1.0-12.1.5"
},
{
"status": "affected",
"version": "11.5.2-11.6.5.1"
},
{
"status": "affected",
"version": "BIG-IQ 7.0.0"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
},
{
"status": "affected",
"version": "5.0.0-5.4.0"
},
{
"status": "affected",
"version": "iWorkflow 2.3.0"
},
{
"status": "affected",
"version": "Enterprise Manager 3.1.1"
}
]
}
]References
Related
osv
osv
CVE-2019-19151
2019-12-23 19:15:11
prion
prion
Information disclosure
2019-12-23 19:15:00
nvd
nvd
CVE-2019-19151
2019-12-23 19:15:11
cve
cve
CVE-2019-19151
2019-12-23 19:15:11
f5
f5
K21711352 : TMOS Shell vulnerability CVE-2019-19151
2019-12-20 00:00:00
nessus
nessus
F5 Networks BIG-IP : TMOS Shell vulnerability (K21711352)
2020-05-01 00:00:00