CVE-2015-7394
9.0
Vector
AV:N/AC:L/Au:S/C:C/I:C/A:C
Exploitability: 8.0 / Impact: 10.0
Source: NVD
Description
The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code.
Affected (126)
Products: F5: Big Iq Device, Big Ip Policy Enforcement Manager, Big Ip Global Traffic Manager, Big Ip Analytics, Big Ip Link Controller, Big Ip Webaccelerator, Big Ip Application Security Manager, Big Iq Security, Big Ip Wan Optimization Manager, Big Ip Edge Gateway, Big Ip Access Policy Manager, Big Ip Advanced Firewall Manager, Big Ip Enterprise Manager, Big Ip Application Acceleration Manager, Big Ip Protocol Security Module, Big Iq Cloud, Big Ip Local Traffic Manager, Big Iq Adc
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.2.0 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.1.0 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.1.0 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.1.0 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.1.0 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.1.0 |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0.0 |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.1.0 |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.1.0 |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.1.0 |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.0.0 |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.4.0 |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.1.0 |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0.0 |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.1.0 |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.5.0 |
Related CWEs
References (6)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.