F5 Networks BIG-IP : BIG-IP APM client for Linux and macOS vulnerability (K54431371)
High Nessus Plugin ID 118681
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe svpn and policyserver components of the F5 BIG-IP APM client prior to version 220.127.116.11 for Linux and macOS runs as a privileged process and can allow an unprivileged user to getownership of files owned by root on the local client host.(CVE-2018-5546)
A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or assume super-user privileges on the local client host.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K54431371.