Executive Summary

Informations
NameCVE-2019-6618First vendor Publication2019-05-03
VendorCveLast vendor Modification2019-05-06

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:N/I:P/A:N)
Cvss Base Score4Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score8AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, users with the Resource Administrator role can modify sensitive portions of the filesystem if provided Advanced Shell Access, such as editing /etc/passwd. This allows modifications to user objects and is contrary to our definition for the Resource Administrator (RA) role restrictions.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6618

CWE : Common Weakness Enumeration

%idName
100 %CWE-284Access Control (Authorization) Issues

CPE : Common Platform Enumeration

TypeDescriptionCount
Application54
Application54
Application53
Application50
Application54
Application51
Application51
Application50
Application53
Application54
Application54
Application54
Application50

Sources (Detail)

SourceUrl
CONFIRM https://support.f5.com/csp/article/K07702240

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
DateInformations
2019-09-10 12:11:18
  • Multiple Updates
2019-06-15 12:10:48
  • Multiple Updates
2019-06-08 12:10:37
  • Multiple Updates
2019-06-07 12:10:18
  • Multiple Updates
2019-05-06 21:19:13
  • Multiple Updates
2019-05-06 17:18:49
  • Multiple Updates
2019-05-04 05:19:18
  • First insertion