3 matches found
CVE-2019-6642
In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files via scp, for example can escalate their privileges to allow root shell...
F5 Networks BIG-IP : F5 tmsh vulnerability (K40378764)
"Authenticated users with the ability to upload files via scp, for example can escalate their privileges to allow root shell access from within the TMOS Shell tmsh interface. The tmsh interface allows users to execute a secondary program via tools like sftp or scp . CVE-2019-6642 Impact...
CVE-2019-6642
CVE-2019-6642 affects F5 BIG-IP family (and related: BIG-IQ, iWorkflow, Enterprise Manager) with authenticated users able to upload files (e.g., via scp) and abuse the TMOS Shell (tmsh) to escalate to a root shell. The flaw arises from tmsh allowing execution of a secondary program via tools like...