CVE-2019-6617
Published May 3, 2019
Last updated 2 years ago
Overview
- Description
- On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, a user with the Resource Administrator role is able to overwrite sensitive low-level files (such as /etc/passwd) using SFTP to modify user permissions, without Advanced Shell access. This is contrary to our definition for the Resource Administrator (RA) role restrictions.
- Source
- f5sirt@f5.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 5.2
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 5.5
- Impact score
- 4.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:N/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-269
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "609A31A8-E106-468C-8621-FBD0075E5C2E",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "022CB73B-8575-49BC-A782-7020ECDF85A9",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "038A8B61-CD54-4D41-9EDC-629E33389E17",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C22F2CB-FA25-4326-9542-FED6F97262DD",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB845EA7-3928-4FBE-ADB3-74AB8AB584F6",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "394BD813-D7CF-41AF-9623-20EBFFC4E477",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4126BBEF-AFD8-44A2-9810-CBAFFEAA4FFA",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A60AA834-6C1E-4203-91DA-A2C8478A184F",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F602F8C-9548-47C4-A15E-FE52FDC37BFA",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BE67A396-FD17-41DE-9F6B-00E760538786",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3132866D-82C6-4C16-A80B-7BBD210E8199",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "627F6B46-8D84-4B83-9606-DE77D35E8AEB",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFD0FF41-761A-440D-83F8-ED779CA4F38C",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5275F08-E0D0-402D-812C-C72AE26D95BC",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0E0A944-3615-4B10-B27D-FEE228B7A4E6",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "431481E1-5C7B-4384-AA5F-00B2A6DCA9DB",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84585268-3D36-4688-B001-D184A3016708",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6F5072A-0347-4B4D-805A-CC4BD869CFF3",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF225E1D-75DB-4E67-93A8-727E3A6F1896",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "716B53B2-FE8E-4535-B438-BDBADEDB8ADB",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0EA47C1-757A-4034-8DFE-0B690696289B",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF730DB1-5C6B-4E49-94A8-80DABF7B215F",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06B52E4E-1DDE-49D0-AEE1-8A3A790BE30B",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9A5F789-854D-4C17-98FE-85EAD8000C09",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F303D34A-0155-4248-88BF-59086A3E24AC",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5F09EDA-97C4-4788-8BA9-FB90F4E9D2DE",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DBA19AD-E323-48B5-88D1-709B61971093",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E44D05AD-3C76-4EB9-B8F4-FC5837C72E48",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8AC313F-4776-482C-B8E4-E3993820DA94",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68D79E48-7951-4ABE-AADF-0CE4975704FA",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3854B662-6BF0-4FE4-AC22-9895F30EBC79",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B5E1DF0-9912-4B50-B6AB-59558DE30B50",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B50AFE19-77F8-4BCC-B287-E967497DF44A",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1209416-7A72-4B4E-B493-DCB1A04A39E1",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57BCC8CB-5CD1-48F0-9983-883BD20B44FB",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40DF8C8E-064E-4EF5-888C-4EBD784785AA",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2E79EAE-4E0F-43DD-84AC-6BF55AB4F83F",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D441D2CE-C8F1-4688-903B-93F04BD1C8CE",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0915E0EA-4DBF-4D42-B533-7CB8674C5D97",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E61DD08-9CF9-457A-9120-52FA1F0ABD61",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7EB3F8D-55CA-48D5-9A64-F4A4A97159DE",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "173F9D19-C921-40DE-AFB8-014777A13911",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "152970DD-B77B-49C7-A02E-FC823E0E633F",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2CCC67AD-46E4-40C5-AEED-C4691C731978",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3077533D-DCF2-47AE-B9BD-E88C5C9A8CA5",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57606901-522F-478F-B49B-13B600DC1F95",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9507B6E2-6403-448D-B8E5-4F80FB2C5513",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA8B6C1C-D373-4E5D-902E-DA590D182E19",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF10D9A8-AC97-4864-B7E9-8209983B2489",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8A7C7B7-9956-4921-A701-032D67EE156F",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65F0F85E-3C6D-4329-BA19-3FD9119D5782",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CD0ECA3-32E2-4A01-9FA1-572FE74C80DC",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "428FCCE2-10D7-42B2-AF25-8109BAB2A6E1",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19CF4C32-368F-42B3-B1EE-C59CC12EF745",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70EB94C1-8799-453C-BB63-4EB9B905F70C",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93C83561-E721-432E-BFAF-A873C3D10BF8",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAA91D9D-9283-4150-8BCC-827CCD3CB0C9",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AFEDB33-A655-4F67-B43E-DED5FC8183D4",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B310516-87E6-453A-82E7-CDDB9F9D5E57",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3293CE1D-A278-4C80-8F1C-0894162465B6",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "140C3519-4BD2-4501-9479-D2FA3770134E",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D76A899-8EFB-4881-8201-27C2E2B43829",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E703372-E37E-4DD8-8C6A-EE6EC4EFC900",
"versionEndExcluding": "12.1.4.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "117DFD13-51F9-46E8-B000-3364B7ED8364",
"versionEndExcluding": "13.1.1.5",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BCE1FEC-7D71-4AA8-A6FD-AFA05D94F965",
"versionEndExcluding": "14.1.0.2",
"versionStartIncluding": "14.0.0"
}
],
"operator": "OR"
}
]
}
]