CVE-2018-5520 : On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system conf

On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative user to use the dig utility to gain unauthorized access to file system resources.

Published 2018-05-02 13:29:01

Updated 2020-08-24 17:37:01

Source F5 Networks

View at NVD, CVE.org

Vulnerability category: Bypass

Products affected by CVE-2018-5520

F5 » Big-ip Local Traffic Manager
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Local Traffic Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Local Traffic Manager
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Global Traffic Manager
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Global Traffic Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Global Traffic Manager
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Security Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Security Manager
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Security Manager
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Access Policy Manager
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Access Policy Manager
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Access Policy Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Webaccelerator
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Webaccelerator
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Webaccelerator
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Edge Gateway
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Edge Gateway
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Edge Gateway
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Link Controller
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Link Controller
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Link Controller
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Analytics
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Analytics
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Analytics
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Acceleration Manager
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Acceleration Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Acceleration Manager
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Advanced Firewall Manager
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Advanced Firewall Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Advanced Firewall Manager
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Policy Enforcement Manager
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Policy Enforcement Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Policy Enforcement Manager
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Domain Name System
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Domain Name System
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Domain Name System
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Websafe
Versions from including (>=) 13.0.0 and up to, including, (<=) 13.1.0
cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Websafe
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.3
cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Websafe
Versions from including (>=) 11.2.1 and up to, including, (<=) 11.6.3
cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2018-5520

EPSS FAQ

0.20%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 39 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2018-5520

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
3.5	LOW	AV:N/AC:M/Au:S/C:P/I:N/A:N	6.8	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
4.4	MEDIUM	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N	0.7	3.6	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2018-5520

CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-5520

http://www.securitytracker.com/id/1040798

F5 BIG-IP Flaw in TMOS Shell Lets Remote Authenticated Administrative Users Obtain Potentially Sensitive Information - SecurityTracker
Third Party Advisory;VDB Entry
https://support.f5.com/csp/article/K02043709

Vendor Advisory

Jump to

Vulnerability Details : CVE-2018-5520

Products affected by CVE-2018-5520

Exploit prediction scoring system (EPSS) score for CVE-2018-5520

CVSS scores for CVE-2018-5520

CWE ids for CVE-2018-5520

References for CVE-2018-5520