K11330536 : BIG-IP Appliance mode vulnerability CVE-2019-6635

2019-07-0100:00:00

my.f5.com

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.9%

JSON

Security Advisory Description

When the BIG-IP system is licensed for Appliance mode, a user with either the Administrator or the Resource Administrator role can bypass Appliance mode restrictions. (CVE-2019-6635)

Impact

BIG-IP

This vulnerability allows local attackers with high-level privileges to overwrite arbitrary files. This behavior is possible only when the BIG-IP system runs in Appliance mode on any of the hardware platforms, and the user account is configured with Administrator or Resource Administrator role. Resource Administrator roles must have TMOS Shell (tmsh) access to perform the attack. Appliance mode is a licensed feature. This vulnerability does not affect the virtual platforms.

Enterprise Manager / BIG-IQ / F5 iWorkflow / Traffix SDC

There is no impact; F5 products are not affected by this vulnerability.

CPENameOperatorVersion
big-iq centralized managementeq5.1.0
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-iq centralized managementeq6.0.0
big-iq centralized managementeq6.0.1
big-iq centralized managementeq6.1.0
big-ip afmeq11.5.2
big-ip afmeq11.5.3
big-ip afmeq11.5.4

Name	Operator	Version
big-iq centralized management	eq	5.1.0
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-iq centralized management	eq	6.0.0
big-iq centralized management	eq	6.0.1
big-iq centralized management	eq	6.1.0
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3
big-ip afm	eq	11.5.4

Rows per page:

1-10 of 2341