CVE-2018-5546 (GCVE-0-2018-5546)

Vulnerability from cvelistv5 – Published: 2018-08-17 13:00 – Updated: 2024-09-17 02:31
VLAI?
Summary
The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or assume super-user privileges on the local client host.
Severity ?
No CVSS data available.
CWE
  • Privilege Escalation
Assigner
f5
References
Impacted products
Vendor Product Version
F5 Networks, Inc. BIG-IP APM client for Linux Affected: Prior to version 7.1.7.1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:40:50.580Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K54431371"
          },
          {
            "name": "1041510",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041510"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP APM client for Linux",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Prior to version 7.1.7.1"
            }
          ]
        },
        {
          "product": "BIG-IP APM client for macOS",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Prior to version 7.1.7.1"
            }
          ]
        }
      ],
      "datePublic": "2018-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or assume super-user privileges on the local client host."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Privilege Escalation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-24T16:57:17",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K54431371"
        },
        {
          "name": "1041510",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041510"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "DATE_PUBLIC": "2018-08-16T00:00:00",
          "ID": "CVE-2018-5546",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP APM client for Linux",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Prior to version 7.1.7.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "BIG-IP APM client for macOS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Prior to version 7.1.7.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or assume super-user privileges on the local client host."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Privilege Escalation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K54431371",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K54431371"
            },
            {
              "name": "1041510",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041510"
            },
            {
              "name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt",
              "refsource": "MISC",
              "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2018-5546",
    "datePublished": "2018-08-17T13:00:00Z",
    "dateReserved": "2018-01-12T00:00:00",
    "dateUpdated": "2024-09-17T02:31:29.055Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager_client:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.1.5\", \"versionEndIncluding\": \"7.1.7\", \"matchCriteriaId\": \"BA07D5C9-A41B-4BBD-B219-08FDD4931C97\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"387021A0-AF36-463C-A605-32EA7DAC172E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.3\", \"matchCriteriaId\": \"6BB42D3A-71EE-4367-9F65-86404D74E59D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"387021A0-AF36-463C-A605-32EA7DAC172E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or assume super-user privileges on the local client host.\"}, {\"lang\": \"es\", \"value\": \"Los componentes svpn y policyserver del cliente F5 BIG-IP APM en versiones anteriores a la 7.1.7.1 para Linux y macOS se ejecutan como un proceso privilegiado y pueden permitir que un usuario sin privilegios obtenga la propiedad de archivos propiedad de root en el host del cliente local. Un usuario local no privilegiado malicioso puede adquirir conocimiento de informaci\\u00f3n sensible, manipular determinados datos o asumir privilegios de superusuario en el host del cliente local.\"}]",
      "id": "CVE-2018-5546",
      "lastModified": "2024-11-21T04:09:02.717",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-08-17T12:29:00.410",
      "references": "[{\"url\": \"http://www.securitytracker.com/id/1041510\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://support.f5.com/csp/article/K54431371\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1041510\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://support.f5.com/csp/article/K54431371\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "f5sirt@f5.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-732\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-5546\",\"sourceIdentifier\":\"f5sirt@f5.com\",\"published\":\"2018-08-17T12:29:00.410\",\"lastModified\":\"2024-11-21T04:09:02.717\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or assume super-user privileges on the local client host.\"},{\"lang\":\"es\",\"value\":\"Los componentes svpn y policyserver del cliente F5 BIG-IP APM en versiones anteriores a la 7.1.7.1 para Linux y macOS se ejecutan como un proceso privilegiado y pueden permitir que un usuario sin privilegios obtenga la propiedad de archivos propiedad de root en el host del cliente local. Un usuario local no privilegiado malicioso puede adquirir conocimiento de informaci\u00f3n sensible, manipular determinados datos o asumir privilegios de superusuario en el host del cliente local.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-732\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager_client:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.1.5\",\"versionEndIncluding\":\"7.1.7\",\"matchCriteriaId\":\"BA07D5C9-A41B-4BBD-B219-08FDD4931C97\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.3\",\"matchCriteriaId\":\"6BB42D3A-71EE-4367-9F65-86404D74E59D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1041510\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K54431371\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1041510\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/mirchr/security-research/blob/master/vulnerabilities/F5/CVE-2018-5529.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K54431371\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.