CVE-2015-7393
7.4
Vector
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.4 / Impact: 5.9
Source: NVD
Description
dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors.
Affected (96)
Products: F5: Big Iq Application Delivery Controller, Big Ip Application Security Manager, Big Iq Security, Big Ip Wan Optimization Manager, Big Ip Global Traffic Manager, Big Ip Global Traffic Manager11.2.0, Big Iq Centralized Management, Big Ip Analytics, Big Ip Advanced Firewall Manager, Big Ip Domain Name System, Big Ip Protocol Security Module, Big Iq Cloud, Big Iq Cloud And Orchestration, Big Ip Policy Enforcement Manager, Big Ip Access Policy Manager, Big Ip Application Acceleration Manager, Big Ip Edge Gateway, Big Iq Device, Big Ip Local Traffic Manager, Big Ip Webaccelerator
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.5.0 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0.0 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.1 | |
| All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.6.0 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.0.0 |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Version 12.0.0 |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0.0 |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.0.0 |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.4.0 |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.2.0 |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
References (6)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.