Lucene search
F5F5:K16728HistoryOct 31, 2015 - 12:00 a.m.
K16728 : iCall privilege escalation vulnerability CVE-2015-3628
2015-10-3100:00:00
my.f5.com
13
Security Advisory Description
An authenticated user, with Resource Administrator role permissions, is able to use iCall scripts and associated handlers to create and modify user account properties. (CVE-2015-3628)
Impact
An authenticated user with limited access (Resource Administration) may be able to escalate privileges and gain administrative access.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.3.0 | |
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 12.0.0 |
Related
prion
prion
Design/Logic Flaw
2015-12-07 20:59:00
f5
f5
SOL16728 - iCall privilege escalation vulnerability CVE-2015-3628
2015-09-09 00:00:00
checkpoint_advisories
checkpoint_advisories
metasploit
metasploit
F5 iControl iCall::Script Root Command Execution
2015-11-09 13:10:54
packetstorm
packetstorm
F5 iControl iCall::Script Root Command Execution
2015-11-19 00:00:00
zdt
zdt
F5 iControl iCall::Script Root Command Execution Exploit
2015-11-19 00:00:00
cve
cve
CVE-2015-3628
2015-12-07 20:59:04
nvd
nvd
CVE-2015-3628
2015-12-07 20:59:04
openvas
openvas
F5 BIG-IP - iCall privilege escalation vulnerability CVE-2015-3628
2015-09-07 00:00:00
nessus
nessus
F5 Networks BIG-IP : iCall privilege escalation vulnerability (K16728)
2015-09-04 00:00:00
cvelist
cvelist
CVE-2015-3628
2015-12-07 20:00:00
exploitdb
exploitdb
F5 iControl - 'iCall::Script' Root Command Execution (Metasploit)
2015-11-19 00:00:00