CVE-2018-15331

On BIG-IP AAM 13.0.0 or 12.1.0-12.1.3.7, the dcdb_convert utility used by BIG-IP AAM fails to drop group permissions when executing helper scripts, which could be used to leverage attacks against the BIG-IP system.
References
Link Resource
https://support.f5.com/csp/article/K54843525 Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*

Information

Published : 2018-12-20 12:29

Updated : 2020-08-24 10:37


NVD link : CVE-2018-15331

Mitre link : CVE-2018-15331


JSON object : View

CWE
CWE-269

Improper Privilege Management

Advertisement

dedicated server usa

Products Affected

f5

  • big-ip_application_acceleration_manager