PT-2018-12978 · F5 · F5 Big-Ip Apm
Published
2018-12-06
·
Updated
2021-09-08
·
CVE-2018-15332
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP APM client versions prior to 7.1.7.2 for Linux and macOS
Description
The issue allows an unprivileged user to potentially gain ownership of files owned by root on the local client host due to a race condition in the svpn component. This occurs because the svpn component runs as a privileged process.
Recommendations
For versions prior to 7.1.7.2, update to version 7.1.7.2 or later to resolve the issue.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
F5 Big-Ip Apm