7.4

CVE-2015-7393

dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors.

Data is provided by the National Vulnerability Database (NVD)
F5Big-iq Security Version4.0.0
F5Big-iq Security Version4.1.0
F5Big-iq Security Version4.2.0
F5Big-iq Security Version4.3.0
F5Big-iq Security Version4.4.0
F5Big-iq Security Version4.5.0
F5Big-ip Global Traffic Manager Version11.2.1
F5Big-ip Global Traffic Manager Version11.3.0
F5Big-ip Global Traffic Manager Version11.4.0
F5Big-ip Global Traffic Manager Version11.4.1
F5Big-ip Global Traffic Manager Version11.5.1
F5Big-ip Global Traffic Manager Version11.6.0
F5Big-ip Analytics Version11.0.0
F5Big-ip Analytics Version11.1.0
F5Big-ip Analytics Version11.2.0
F5Big-ip Analytics Version11.2.1
F5Big-ip Analytics Version11.3.0
F5Big-ip Analytics Version11.4.0
F5Big-ip Analytics Version11.4.1
F5Big-ip Analytics Version11.5.0
F5Big-ip Analytics Version11.5.1
F5Big-ip Analytics Version11.6.0
F5Big-ip Analytics Version12.0.0
F5Big-ip Domain Name System Version12.0.0
F5Big-iq Cloud Version4.0.0
F5Big-iq Cloud Version4.1.0
F5Big-iq Cloud Version4.2.0
F5Big-iq Cloud Version4.3.0
F5Big-iq Cloud Version4.4.0
F5Big-iq Cloud Version4.5.0
F5Big-ip Access Policy Manager Version11.2.0
F5Big-ip Access Policy Manager Version11.2.1
F5Big-ip Access Policy Manager Version11.3.0
F5Big-ip Access Policy Manager Version11.4.0
F5Big-ip Access Policy Manager Version11.5.0
F5Big-ip Access Policy Manager Version11.5.1
F5Big-ip Access Policy Manager Version11.6.0
F5Big-ip Access Policy Manager Version12.0.0
F5Big-ip Edge Gateway Version11.2.0
F5Big-ip Edge Gateway Version11.2.1
F5Big-ip Edge Gateway Version11.3.0
F5Big-iq Device Version4.2.0
F5Big-iq Device Version4.3.0
F5Big-iq Device Version4.4.0
F5Big-iq Device Version4.5.0
F5Big-ip Local Traffic Manager Version11.2.0
F5Big-ip Local Traffic Manager Version11.2.1
F5Big-ip Local Traffic Manager Version11.3.0
F5Big-ip Local Traffic Manager Version11.4.0
F5Big-ip Local Traffic Manager Version11.4.1
F5Big-ip Local Traffic Manager Version11.5.1
F5Big-ip Local Traffic Manager Version11.6.0
F5Big-ip Local Traffic Manager Version12.0.0
F5Big-ip Webaccelerator Version11.2.0
F5Big-ip Webaccelerator Version11.2.1
F5Big-ip Webaccelerator Version11.3.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.08% 0.23
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.4 1.4 5.9
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C