Lucene search
F5CVELIST:CVE-2019-6618HistoryMay 03, 2019 - 7:28 p.m.
CVE-2019-6618
2019-05-0319:28:54
f5
www.cve.org
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, users with the Resource Administrator role can modify sensitive portions of the filesystem if provided Advanced Shell Access, such as editing /etc/passwd. This allows modifications to user objects and is contrary to our definition for the Resource Administrator (RA) role restrictions.
CNA Affected
[
{
"product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"vendor": "F5",
"versions": [
{
"status": "affected",
"version": "14.0.0-14.1.0.1"
},
{
"status": "affected",
"version": "13.0.0-13.1.1.4"
},
{
"status": "affected",
"version": "12.1.0-12.1.4"
},
{
"status": "affected",
"version": "11.6.1-11.6.3.4"
},
{
"status": "affected",
"version": "11.5.2-11.5.8"
}
]
}
]References
Related
prion
prion
Design/Logic Flaw
2019-05-03 20:29:00
f5
f5
K07702240 : BIG-IP Resource Administrator vulnerability CVE-2019-6618
2019-04-30 00:00:00
nvd
nvd
CVE-2019-6618
2019-05-03 20:29:01
cve
cve
CVE-2019-6618
2019-05-03 20:29:01
nessus
nessus
F5 Networks BIG-IP : BIG-IP Resource Administrator vulnerability (K07702240)
2019-05-01 00:00:00