发布时间 :2018-07-12 14:29:00
修订时间 :2018-07-13 21:29:01

[原文]The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service.



- CVSS (基础分值)


- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD

- 其它链接及资源
(UNKNOWN)  BID  104730

- 漏洞信息

F5 BIG-IP APM Client CVE-2018-5529 Local Privilege Escalation Vulnerability
Design Error 104730
No Yes
2018-07-12 12:00:00 2018-07-12 12:00:00
Rich Mirch

- 受影响的程序版本

F5 BIG-IP Edge Client 7150
F5 BIG-IP Edge Client 7101
F5 BIG-IP APM Clients 7.1.5
F5 BIG-IP APM Clients
F5 BIG-IP APM 13.1
F5 BIG-IP APM 13.0
F5 BIG-IP APM 12.1.3
F5 BIG-IP APM 12.1.2
F5 BIG-IP APM 12.1.1
F5 BIG-IP APM 11.5.6
F5 BIG-IP APM 11.5.5
F5 BIG-IP APM 11.5.3
F5 BIG-IP APM 11.5.2
F5 BIG-IP APM 11.5.1
F5 BIG-IP APM 12.1.0
F5 BIG-IP APM 11.5.4
,F5 BIG-IP APM Clients 7.1.7

- 不受影响的程序版本

F5 BIG-IP APM Clients 7.1.7

- 漏洞讨论

F5 BIG-IP APM Client is prone to a local privilege escalation vulnerability.

Local attackers may exploit this issue to gain elevated privileges.

- 漏洞利用

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at:

- 解决方案

Updates are available. Please see the references or vendor advisory for more information.

- 相关参考