|Date: (C)2017-05-10 (M)2017-12-07|| |
In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. This is a race condition that occurs rarely in normal usage; the typical period in which this is possible is limited to at most a few seconds after the permission change.
|CVSS Score: 6.0||Access Vector: NETWORK|
|Exploit Score: 6.8||Access Complexity: MEDIUM|
|Impact Score: 6.4||Authentication: SINGLE_INSTANCE|
| ||Confidentiality: PARTIAL|
| ||Integrity: PARTIAL|
| ||Availability: PARTIAL|