On BIG-IP version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, when an authenticated administrative user installs RPMs using the iAppsLX REST installer, the BIG-IP system does not sufficiently validate user input, allowing the user read access to the filesystem.
References
Link | Resource |
---|---|
https://support.f5.com/csp/article/K50343630 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: f5
Published: 2020-12-24T15:03:09
Updated: 2020-12-24T15:03:09
Reserved: 2020-10-26T00:00:00
Link: CVE-2020-27727
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-12-24T16:15:15.320
Modified: 2020-12-28T17:27:02.963
Link: CVE-2020-27727
JSON object: View
Redhat Information
No data.
CWE