F5 Networks BIG-IP : big3d vulnerability (K82038789)
Low Nessus Plugin ID 118700
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe big3d process does not irrevocably minimize group privileges at startup. (CVE-2018-5540)
There is not a known attack vector, but if the big3d process is compromised, it is possible for it to regain the group privileges it was launched with.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K82038789.