CVE-2018-5529
CVSSN/A
发布时间 :2018-07-12 14:29:00
修订时间 :2018-07-13 21:29:01
NMS    

[原文]The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service.


[CNNVD]CNNVD数据暂缺。


[机译]译文暂缺.

- CVSS (基础分值)

CVSS暂不可用

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5529
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5529
(官方数据源) NVD

- 其它链接及资源

http://www.securityfocus.com/bid/104730
(UNKNOWN)  BID  104730
https://support.f5.com/csp/article/K52171282
(UNKNOWN)  CONFIRM  https://support.f5.com/csp/article/K52171282

- 漏洞信息

F5 BIG-IP APM Client CVE-2018-5529 Local Privilege Escalation Vulnerability
Design Error 104730
No Yes
2018-07-12 12:00:00 2018-07-12 12:00:00
Rich Mirch

- 受影响的程序版本

F5 BIG-IP Edge Client 7150
F5 BIG-IP Edge Client 7101
F5 BIG-IP APM Clients 7.1.5
F5 BIG-IP APM Clients 7.1.6.1
F5 BIG-IP APM 13.1
F5 BIG-IP APM 13.0
F5 BIG-IP APM 12.1.3
F5 BIG-IP APM 12.1.2
F5 BIG-IP APM 12.1.1
F5 BIG-IP APM 11.5.6
F5 BIG-IP APM 11.5.5
F5 BIG-IP APM 11.5.3
F5 BIG-IP APM 11.5.2
F5 BIG-IP APM 11.5.1
F5 BIG-IP APM 12.1.0
F5 BIG-IP APM 11.5.4
,F5 BIG-IP APM Clients 7.1.7

- 不受影响的程序版本

F5 BIG-IP APM Clients 7.1.7

- 漏洞讨论

F5 BIG-IP APM Client is prone to a local privilege escalation vulnerability.

Local attackers may exploit this issue to gain elevated privileges.

- 漏洞利用

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 解决方案

Updates are available. Please see the references or vendor advisory for more information.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站