8.5

CVE-2015-8022

EPSS 0.54%
Published 19.08.2016 21:59:01
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads.

Affected products Warnungen 0 Metrics 3 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

F5 ≫ Big-ip Global Traffic Manager Version11.0.0

F5 ≫ Big-ip Global Traffic Manager Version11.1.0

F5 ≫ Big-ip Global Traffic Manager Version11.2.0

F5 ≫ Big-ip Global Traffic Manager Version11.2.1

F5 ≫ Big-ip Global Traffic Manager Version11.3.0

F5 ≫ Big-ip Global Traffic Manager Version11.4.0

F5 ≫ Big-ip Global Traffic Manager Version11.4.1

F5 ≫ Big-ip Global Traffic Manager Version11.5.0

F5 ≫ Big-ip Global Traffic Manager Version11.5.1

F5 ≫ Big-ip Global Traffic Manager Version11.5.2

F5 ≫ Big-ip Global Traffic Manager Version11.5.3

F5 ≫ Big-ip Global Traffic Manager Version11.6.0

F5 ≫ Big-ip Local Traffic Manager Version11.0.0

F5 ≫ Big-ip Local Traffic Manager Version11.1.0

F5 ≫ Big-ip Local Traffic Manager Version11.2.0

F5 ≫ Big-ip Local Traffic Manager Version11.2.1

F5 ≫ Big-ip Local Traffic Manager Version11.3.0

F5 ≫ Big-ip Local Traffic Manager Version11.4.0

F5 ≫ Big-ip Local Traffic Manager Version11.4.1

F5 ≫ Big-ip Local Traffic Manager Version11.5.0

F5 ≫ Big-ip Local Traffic Manager Version11.5.1

F5 ≫ Big-ip Local Traffic Manager Version11.5.2

F5 ≫ Big-ip Local Traffic Manager Version11.5.3

F5 ≫ Big-ip Local Traffic Manager Version11.6.0

F5 ≫ Big-ip Webaccelerator Version11.0.0

F5 ≫ Big-ip Webaccelerator Version11.1.0

F5 ≫ Big-ip Webaccelerator Version11.2.0

F5 ≫ Big-ip Webaccelerator Version11.2.1

F5 ≫ Big-ip Webaccelerator Version11.3.0

F5 ≫ Big-ip Policy Enforcement Manager Version11.3.0

F5 ≫ Big-ip Policy Enforcement Manager Version11.4.0

F5 ≫ Big-ip Policy Enforcement Manager Version11.4.1

F5 ≫ Big-ip Policy Enforcement Manager Version11.5.0

F5 ≫ Big-ip Policy Enforcement Manager Version11.5.1

F5 ≫ Big-ip Policy Enforcement Manager Version11.5.2

F5 ≫ Big-ip Policy Enforcement Manager Version11.5.3

F5 ≫ Big-ip Policy Enforcement Manager Version11.6.0

F5 ≫ Big-ip Advanced Firewall Manager Version11.3.0

F5 ≫ Big-ip Advanced Firewall Manager Version11.4.0

F5 ≫ Big-ip Advanced Firewall Manager Version11.4.1

F5 ≫ Big-ip Advanced Firewall Manager Version11.5.0

F5 ≫ Big-ip Advanced Firewall Manager Version11.5.1

F5 ≫ Big-ip Advanced Firewall Manager Version11.5.2

F5 ≫ Big-ip Advanced Firewall Manager Version11.5.3

F5 ≫ Big-ip Advanced Firewall Manager Version11.6.0

F5 ≫ Big-ip Access Policy Manager Version11.0.0

F5 ≫ Big-ip Access Policy Manager Version11.1.0

F5 ≫ Big-ip Access Policy Manager Version11.2.0

F5 ≫ Big-ip Access Policy Manager Version11.2.1

F5 ≫ Big-ip Access Policy Manager Version11.3.0

F5 ≫ Big-ip Access Policy Manager Version11.4.0

F5 ≫ Big-ip Access Policy Manager Version11.4.1

F5 ≫ Big-ip Access Policy Manager Version11.5.0

F5 ≫ Big-ip Access Policy Manager Version11.5.1

F5 ≫ Big-ip Access Policy Manager Version11.5.2

F5 ≫ Big-ip Access Policy Manager Version11.5.3

F5 ≫ Big-ip Access Policy Manager Version11.6.0

F5 ≫ Big-ip Analytics Version11.0.0

F5 ≫ Big-ip Analytics Version11.1.0

F5 ≫ Big-ip Analytics Version11.2.0

F5 ≫ Big-ip Analytics Version11.2.1

F5 ≫ Big-ip Analytics Version11.3.0

F5 ≫ Big-ip Analytics Version11.4.0

F5 ≫ Big-ip Analytics Version11.4.1

F5 ≫ Big-ip Analytics Version11.5.0

F5 ≫ Big-ip Analytics Version11.5.1

F5 ≫ Big-ip Analytics Version11.5.2

F5 ≫ Big-ip Analytics Version11.5.3

F5 ≫ Big-ip Analytics Version11.6.0

F5 ≫ Big-ip Wan Optimization Manager Version11.0.0

F5 ≫ Big-ip Wan Optimization Manager Version11.1.0

F5 ≫ Big-ip Wan Optimization Manager Version11.2.0

F5 ≫ Big-ip Wan Optimization Manager Version11.2.1

F5 ≫ Big-ip Wan Optimization Manager Version11.3.0

F5 ≫ Big-ip Link Controller Version11.0.0

F5 ≫ Big-ip Link Controller Version11.1.0

F5 ≫ Big-ip Link Controller Version11.2.0

F5 ≫ Big-ip Link Controller Version11.2.1

F5 ≫ Big-ip Link Controller Version11.3.0

F5 ≫ Big-ip Link Controller Version11.4.0

F5 ≫ Big-ip Link Controller Version11.4.1

F5 ≫ Big-ip Link Controller Version11.5.0

F5 ≫ Big-ip Link Controller Version11.5.1

F5 ≫ Big-ip Link Controller Version11.5.2

F5 ≫ Big-ip Link Controller Version11.5.3

F5 ≫ Big-ip Link Controller Version11.6.0

F5 ≫ Big-ip Edge Gateway Version11.0.0

F5 ≫ Big-ip Edge Gateway Version11.1.0

F5 ≫ Big-ip Edge Gateway Version11.2.0

F5 ≫ Big-ip Edge Gateway Version11.2.1

F5 ≫ Big-ip Edge Gateway Version11.3.0

F5 ≫ Big-ip Application Security Manager Version11.0.0

F5 ≫ Big-ip Application Security Manager Version11.1.0

F5 ≫ Big-ip Application Security Manager Version11.2.0

F5 ≫ Big-ip Application Security Manager Version11.2.1

F5 ≫ Big-ip Application Security Manager Version11.3.0

F5 ≫ Big-ip Application Security Manager Version11.4.0

F5 ≫ Big-ip Application Security Manager Version11.4.1

F5 ≫ Big-ip Application Security Manager Version11.5.0

F5 ≫ Big-ip Application Security Manager Version11.5.1

F5 ≫ Big-ip Application Security Manager Version11.5.2

F5 ≫ Big-ip Application Security Manager Version11.5.3

F5 ≫ Big-ip Application Security Manager Version11.6.0

F5 ≫ Big-ip Application Acceleration Manager Version11.4.0

F5 ≫ Big-ip Application Acceleration Manager Version11.4.1

F5 ≫ Big-ip Application Acceleration Manager Version11.5.0

F5 ≫ Big-ip Application Acceleration Manager Version11.5.1

F5 ≫ Big-ip Application Acceleration Manager Version11.5.2

F5 ≫ Big-ip Application Acceleration Manager Version11.5.3

F5 ≫ Big-ip Application Acceleration Manager Version11.6.0

F5 ≫ Big-ip Websafe Version11.6.0

F5 ≫ Big-ip Protocol Security Module Version11.0.0

F5 ≫ Big-ip Protocol Security Module Version11.1.0

F5 ≫ Big-ip Protocol Security Module Version11.2.0

F5 ≫ Big-ip Protocol Security Module Version11.2.1

F5 ≫ Big-ip Protocol Security Module Version11.3.0

F5 ≫ Big-ip Protocol Security Module Version11.4.0

F5 ≫ Big-ip Protocol Security Module Version11.4.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.54%	0.665

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	1.6	5.9	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	8.5	6.8	10	AV:N/AC:M/Au:S/C:C/I:C/A:C

http://www.securitytracker.com/id/1036627

Third Party Advisory

VDB Entry

https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-8022

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-8022

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-8022

EUVD