On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/152213/VMware-Host-VMX-Process-Impersonation-Hijack-Privilege-Escalation.html | Third Party Advisory VDB Entry |
https://support.f5.com/csp/article/K30500703 | Vendor Advisory |
https://www.exploit-db.com/exploits/46600/ | Exploit Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: f5
Published: 2018-04-12T00:00:00
Updated: 2019-03-25T17:06:07
Reserved: 2018-01-12T00:00:00
Link: CVE-2018-5511
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-04-13T13:29:00.847
Modified: 2019-10-03T00:03:26.223
Link: CVE-2018-5511
JSON object: View
Redhat Information
No data.
CWE