Main Vulnerability Database Vulnerabilities #VU52753

#VU52753 Security features bypass in APM Clients

Published: April 29, 2021

Vulnerability identifier: #VU52753

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
APM Clients

Software vendor:
F5 Networks

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to after generating the Diagnostics Report, command prompts with elevated privileges remain on the client Windows system. An attacker with access to the system can execute arbitrary code with elevated privileges.

Remediation

Install updates from vendor's website.

External links

https://support.f5.com/csp/article/K03544414

#VU52753 Security features bypass in APM Clients

Description

Remediation

External links

Please verify you're human