TROYANOSYVIRUS
Volver a CVEs

CVE-2015-8022

N/A

Descripcion

The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads.

Detalles CVE

Puntuacion CVSS v3.1N/A
Publicado8/19/2016
Ultima modificacion4/12/2025
Fuentenvd
Avistamientos honeypot0

Productos afectados

f5:big-ip_access_policy_managerf5:big-ip_advanced_firewall_managerf5:big-ip_analyticsf5:big-ip_application_acceleration_managerf5:big-ip_application_security_managerf5:big-ip_edge_gatewayf5:big-ip_global_traffic_managerf5:big-ip_link_controllerf5:big-ip_local_traffic_managerf5:big-ip_policy_enforcement_managerf5:big-ip_protocol_security_modulef5:big-ip_wan_optimization_managerf5:big-ip_webacceleratorf5:big-ip_websafe

Debilidades (CWE)

CWE-264

Referencias

http://www.securitytracker.com/id/1036627(cve@mitre.org)
https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html(cve@mitre.org)
http://www.securitytracker.com/id/1036627(af854a3a-2127-422b-91ae-364da2661108)
https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.