Command injection in F5 Networks Server applications

#VU12846 Command injection in F5 Networks Server applications

Published: 2018-05-18

Vulnerability identifier: #VU12846

Vulnerability risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-5511

CWE-ID: CWE-77

Exploitation vector: Network

Exploit availability: No

Vendor: F5 Networks

Description
The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.

The weakness exists in the Traffic Management User Interface due to command injection. A remote attacker can execute arbitrary commands with root privileges.

Mitigation
Update to version 13.1.0.4 or 13.0.1.

Vulnerable software versions

Enterprise Manager: 3.1.1

BIG-IP LTM: 13.0.0 - 13.1.0

BIG-IP AAM: 13.0.0 - 13.1.0

BIG-IP AFM: 13.0.0 - 13.1.0

BIG-IP Analytics: 13.0.0 - 13.1.0

BIG-IP APM: 13.0.0 - 13.1.0

BIG-IP ASM: 13.0.0 - 13.1.0

BIG-IP DNS: 13.0.0 - 13.1.0

BIG-IP Edge Gateway: 13.0.0 - 13.1.0

BIG-IP GTM: 13.0.0 - 13.1.0

BIG-IP Link Controller: 13.0.0 - 13.1.0

BIG-IP PEM: 13.0.0 - 13.1.0

BIG-IP WebAccelerator: 13.0.0 - 13.1.0

BIG-IP WebSafe: 13.0.0 - 13.1.0

External links
http://support.f5.com/csp/article/K30500703

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in F5 BIG-IP