CVE-2018-5511
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/04/2018
Last modified:
03/10/2019
Description
On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
Impact
Base Score 3.x
7.20
Severity 3.x
HIGH
Base Score 2.0
6.50
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_analytics:13.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_edge_gateway:13.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page