Authentication flaw

2019-07-0121:15:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files (via scp, for example) can escalate their privileges to allow root shell access from within the TMOS Shell (tmsh) interface. The tmsh interface allows users to execute a secondary program via tools like sftp or scp.

CPENameOperatorVersion
big-ip_access_policy_managerge11.5.2
big-ip_access_policy_managerle11.6.4
big-ip_access_policy_managereq15.0.0
big-ip_access_policy_managerge14.0.0
big-ip_access_policy_managerle14.1.0.5
big-ip_access_policy_managerge12.1.0
big-ip_access_policy_managerle12.1.4.2
big-ip_access_policy_managerge13.0.0
big-ip_access_policy_managerle13.1.1.5
big-ip_advanced_firewall_managerge11.5.2

Name	Operator	Version
big-ip_access_policy_manager	ge	11.5.2
big-ip_access_policy_manager	le	11.6.4
big-ip_access_policy_manager	eq	15.0.0
big-ip_access_policy_manager	ge	14.0.0
big-ip_access_policy_manager	le	14.1.0.5
big-ip_access_policy_manager	ge	12.1.0
big-ip_access_policy_manager	le	12.1.4.2
big-ip_access_policy_manager	ge	13.0.0
big-ip_access_policy_manager	le	13.1.1.5
big-ip_advanced_firewall_manager	ge	11.5.2