← Back

CVE-2018-5529

nvd nist
Published: Jul 12, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service.

Affected (5)

F5
2 products
Big Ip Access Policy Manager
Big Ip Edge
Configuration A
5 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
F5
Big Ip Access Policy Manager
From 11.5.1 to 11.5.6
Big Ip Access Policy Manager
From 12.1.0 to 12.1.3
Big Ip Access Policy Manager
From 13.0.0 to 13.1.0
Big Ip Access Policy Manager
From 7.1.5 to 7.1.6.1
Big Ip Edge
From 7101 to 7150
Running on/withPlatform Versions
Apple
Mac Os X
All versions
Linux
Linux Kernel
All versions

References (6)

Source: f5sirt@f5.com
Third Party AdvisoryVDB Entry
Source: f5sirt@f5.com
Source: f5sirt@f5.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.