F5 Networks BIG-IP : Appliance mode tmsh access vulnerability (K02043709)

Low Nessus Plugin ID 118616

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

On a BIG-IP system configured in Appliance mode, the TMOS Shell (tmsh)
may allow an administrative user to use the dig utility to gain
unauthorized access to file system resources. (CVE-2018-5520)

Note : Appliance mode is designed to meet the needs of customers in
especially sensitive sectors by limiting the BIG-IP system
administrative access to match that of a typical network appliance and
not a multi-user UNIX device. When a BIG-IP system is configured in
Appliance mode, the Advanced Shell ( bash ) access to the file system
is restricted. For information about Appliance mode, refer to K12815:
Overview of Appliance mode.

Impact

This vulnerability allows unauthorized disclosure of information.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5
Solution K02043709.

See Also

https://support.f5.com/csp/article/K02043709

https://support.f5.com/csp/article/K12815

Plugin Details

Severity: Low

ID: 118616

File Name: f5_bigip_SOL02043709.nasl

Version: 1.2

Type: local

Published: 2018/11/02

Modified: 2019/01/04

Dependencies: 76940

Risk Information

Risk Factor: Low

CVSS v2.0

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N

CVSS v3.0

Base Score: 4.4

Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip

Patch Publication Date: 2018/04/30

Reference Information

CVE: CVE-2018-5520