Lucene search
F5CVELIST:CVE-2019-6642HistoryJul 01, 2019 - 8:21 p.m.
CVE-2019-6642
2019-07-0120:21:01
f5
www.cve.org
1
In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files (via scp, for example) can escalate their privileges to allow root shell access from within the TMOS Shell (tmsh) interface. The tmsh interface allows users to execute a secondary program via tools like sftp or scp.
CNA Affected
[
{
"product": "BIG-IP, BIG-IQ, iWorkflow, Enterprise Manager",
"vendor": "F5",
"versions": [
{
"status": "affected",
"version": "BIG-IP 15.0.0"
},
{
"status": "affected",
"version": "14.0.0-14.1.0.5"
},
{
"status": "affected",
"version": "13.0.0-13.1.1.5"
},
{
"status": "affected",
"version": "12.1.0-12.1.4.2"
},
{
"status": "affected",
"version": "11.5.2-11.6.4"
},
{
"status": "affected",
"version": "BIG-IQ 6.0.0-6.1.0"
},
{
"status": "affected",
"version": "5.1.0-5.4.0"
},
{
"status": "affected",
"version": "iWorkflow 2.3.0"
},
{
"status": "affected",
"version": "Enterprise Manager 3.1.1"
}
]
}
]Related
osv
osv
CVE-2019-6642
2019-07-01 21:15:11
f5
f5
K40378764 : F5 tmsh vulnerability CVE-2019-6642
2019-06-27 00:00:00
cve
cve
CVE-2019-6642
2019-07-01 21:15:11
nessus
nessus
F5 Networks BIG-IP : F5 tmsh vulnerability (K40378764)
2019-08-12 00:00:00
prion
prion
Authentication flaw
2019-07-01 21:15:00
nvd
nvd
CVE-2019-6642
2019-07-01 21:15:11