[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99602

 
 

909

 
 

80198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2017-6167

Date: (C)2017-12-22   (M)2018-01-10 


In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being executed with different privilege levels than expected.

CVSS Score: 8.5Access Vector: NETWORK
Exploit Score: 6.8Access Complexity: MEDIUM
Impact Score: 10.0Authentication: SINGLE_INSTANCE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECTRACK-1040053
https://support.f5.com/csp/article/K24465120

CPE    9
cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.1
cpe:/a:f5:big-ip_access_policy_manager:12.1.1
cpe:/a:f5:big-ip_application_security_manager:12.1.1
cpe:/a:f5:big-ip_analytics:12.1.1
...
CWE    1
CWE-362

© 2013 SecPod Technologies