Lucene search
K

6 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:45 p.m.28 views

K15229: BIG-IQ / BIG-IP privilege escalation vulnerability CVE-2014-3220

Security Advisory Description F5 BIG-IQ Cloud and Security 4.0.0 through 4.1.0 allows remote authenticated users to change the password of arbitrary users via the name parameter in a request to the user's page in mgmt/shared/authz/users/. CVE-2014-3220 Impact An authenticated user with limited...

9CVSS6.8AI score0.11003EPSS
Exploits1Affected Software15
OpenVAS
OpenVAS
added 2015/09/19 12:0 a.m.25 views

F5 BIG-IP - privilege escalation vulnerability CVE-2014-3220

The remote host is missing a security patch. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip"; if description...

9CVSS5.2AI score0.11003EPSS
Exploits1References1
Prion
Prion
added 2014/11/06 12:55 a.m.16 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-3220. Reason: This candidate is a reservation duplicate of CVE-2014-3220. Notes: All CVE users should reference CVE-2014-3220 instead of this candidate. All references and descriptions in this candidate have been removed to...

6.7AI score0.11003EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/05/09 12:0 a.m.32 views

F5 Networks BIG-IQ Configuration Utility Privilege Escalation

According to its version number, the remote F5 Networks BIG-IQ device is affected by a privilege escalation vulnerability that allows remote, authenticated users to change the password of other users such as the default 'root' user via a specially crafted request to the web configuration utility...

9CVSS5.5AI score0.11003EPSS
Exploits1References3
CVE
CVE
added 2014/05/05 5:0 p.m.50 views

CVE-2014-3220

F5 BIG-IQ Cloud and Security 4.0.0–4.1.0 are vulnerable to CVE-2014-3220 via an authenticated user changing passwords of arbitrary users in mgmt/shared/authz/users/ due to a flaw in configuration utility access control. The advisory notes that an authenticated user with limited access could gain ...

9CVSS6.5AI score0.11003EPSS
Exploits1References10Affected Software1
F5 Networks
F5 Networks
added 2014/05/02 12:0 a.m.30 views

SOL15229 - BIG-IQ / BIG-IP privilege escalation vulnerability CVE-2014-3220

If the BIG-IQ 4.1 system is used to discover a BIG-IP 11.3.0 or 11.4.0 system, an authenticated user on the BIG-IP system may be able to modify the password of another user, including an administrator. Recommended Action If the previous table lists a version in the Versions known to be not...

9CVSS2.4AI score0.11003EPSS
Exploits1References5
Rows per page
Query Builder