Vulnerability Name: CVE-2018-5540 (CCN-147014) Assigned: 2018-07-19 Published: 2018-07-19 Updated: 2019-10-03 Summary: On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up. CVSS v3 Severity: 4.4 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N )3.9 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): HighUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): NoneAvailibility (A): None
4.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N )3.6 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): HighPrivileges Required (PR): HighUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): NoneAvailibility (A): None
CVSS v2 Severity: 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N )Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): NoneAvailibility (A): None
3.8 Low (CCN CVSS v2 Vector: AV:L/AC:H/Au:S/C:C/I:N/A:N )Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): HighAthentication (Au): Single_InstanceImpact Metrics: Confidentiality (C): CompleteIntegrity (I): NoneAvailibility (A): None
Vulnerability Type: CWE-732 Vulnerability Consequences: Gain Privileges References: Source: MITRE Type: CNACVE-2018-5540 Source: CCN Type: SECTRACK ID: 1041340F5 Enterprise Manager big3d Process Group Privileges May Let Local Users Gain Elevated Privileges in Certain Cases Source: CCN Type: SECTRACK ID: 1041341F5 BIG-IP big3d Process Group Privileges May Let Local Users Gain Elevated Privileges in Certain Cases Source: BID Type: Third Party Advisory, VDB Entry104920 Source: CCN Type: BID-104920F5 BIG-IP big3d Process CVE-2018-5540 Local Privilege Escalation Vulnerability Source: SECTRACK Type: Third Party Advisory, VDB Entry1041340 Source: SECTRACK Type: Third Party Advisory, VDB Entry1041341 Source: XF Type: UNKNOWNf5-cve20185540-priv-esc(147014) Source: CCN Type: F5 Security Advisory K82038789big3d vulnerability CVE-2018-5540 Source: CONFIRM Type: Vendor Advisoryhttps://support.f5.com/csp/article/K82038789 Vulnerable Configuration: Configuration 1 :cpe:/a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (Version >= 11.5.1 and <= 11.5.6)OR cpe:/a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (Version >= 11.6.0 and <= 11.6.3.1) OR cpe:/a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (Version >= 12.1.0 and <= 12.1.3.3) OR cpe:/a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (Version >= 13.0.0 and <= 13.0.1) Configuration 2 :cpe:/a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (Version >= 11.5.1 and <= 11.5.6)OR cpe:/a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (Version >= 11.6.0 and <= 11.6.3.1) OR cpe:/a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and <= 12.1.3.3) OR cpe:/a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and <= 13.0.1) Configuration 3 :cpe:/a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:* Configuration 4 :cpe:/a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:* (Version >= 5.0.0 and <= 5.1.0)Configuration 5 :cpe:/a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:* Configuration 6 :cpe:/a:f5:f5_iworkflow:*:*:*:*:*:*:*:* (Version >= 2.1.0 and <= 2.3.0)Configuration CCN 1 :cpe:/a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip:11.5.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip:12.1.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip:11.6.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip:13.0.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-iq_centralized_management:5.0.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:* OR cpe:/a:f5:iworkflow:2.3.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip:12.1.3.7:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip:11.6.3:*:*:*:*:*:*:* OR cpe:/a:f5:big-iq_centralized_management:5.1.0:*:*:*:*:*:*:* OR cpe:/a:f5:iworkflow:2.1.0:*:*:*:*:*:*:* Denotes that component is vulnerable BACK
f5 big-ip domain name system *
f5 big-ip domain name system *
f5 big-ip domain name system *
f5 big-ip domain name system *
f5 big-ip global traffic manager *
f5 big-ip global traffic manager *
f5 big-ip global traffic manager *
f5 big-ip global traffic manager *
f5 enterprise manager 3.1.1
f5 big-iq centralized management *
f5 big-iq cloud and orchestration 1.0.0
f5 f5 iworkflow *
f5 enterprise manager 3.1.1
f5 big-ip 11.5.1
f5 big-ip 12.1.0
f5 big-ip 11.6.0
f5 big-ip 13.0.0
f5 big-iq centralized management 5.0.0
f5 big-iq cloud and orchestration 1.0.0
f5 iworkflow 2.3.0
f5 big-ip 12.1.3.7
f5 big-ip 11.6.3
f5 big-iq centralized management 5.1.0
f5 iworkflow 2.1.0