cvelist/2018/5xxx/CVE-2018-5519.json

74 lines
2.6 KiB
JSON
Raw Normal View History

2018-01-12 14:02:27 -05:00
{
2019-03-17 23:39:33 +00:00
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"DATE_PUBLIC": "2018-04-30T00:00:00",
"ID": "CVE-2018-5519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe)",
"version": {
"version_data": [
{
"version_value": "13.0.0-13.1.0.5"
},
{
"version_value": "12.1.0-12.1.3.3"
},
{
"version_value": "11.2.1-11.6.3.1"
}
]
}
}
]
},
"vendor_name": "F5 Networks, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
2019-03-17 23:39:33 +00:00
"lang": "eng",
"value": "On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of undisclosed methods can exploit the ssldump utility to write to arbitrary file paths. For users who do not have Advanced Shell access (for example, any user when licensed for Appliance Mode), this allows more permissive file access than intended."
}
2019-03-17 23:39:33 +00:00
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040803",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040803"
},
{
"name": "https://support.f5.com/csp/article/K46121888",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K46121888"
}
]
}
}