Short Name | HTTP:F5-BIG-IP-PE
Severity | Major
Recommended | No
Recommended Action | Drop
Category | HTTP
Keywords | F5 BIG-IP Privilege Escalation
Release Date | 2019/06/20
Update Number | 3182
Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
HTTP: F5 BIG-IP Privilege Escalation
This signature detects attempts to exploit a known vulnerability in F5 BIG-IP. A successful attack can lead to privilege escalation.
Extended Description
The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the "Resource Administrator" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi.
Affected Products
- F5 big-ip_access_policy_manager 11.3.0
- F5 big-ip_access_policy_manager 11.4.0
- F5 big-ip_access_policy_manager 11.4.1
- F5 big-ip_access_policy_manager 11.5.0
- F5 big-ip_access_policy_manager 11.5.1
- F5 big-ip_access_policy_manager 11.5.2
- F5 big-ip_access_policy_manager 11.5.3
- F5 big-ip_access_policy_manager 11.6.0
- F5 big-ip_advanced_firewall_manager 11.3.0
- F5 big-ip_advanced_firewall_manager 11.4.0
- F5 big-ip_advanced_firewall_manager 11.4.1
- F5 big-ip_advanced_firewall_manager 11.5.0
- F5 big-ip_advanced_firewall_manager 11.5.1
- F5 big-ip_advanced_firewall_manager 11.5.2
- F5 big-ip_advanced_firewall_manager 11.5.3
- F5 big-ip_advanced_firewall_manager 11.6.0
- F5 big-ip_analytics 11.3.0
- F5 big-ip_analytics 11.4.0
- F5 big-ip_analytics 11.4.1
- F5 big-ip_analytics 11.5.0
- F5 big-ip_analytics 11.5.1
- F5 big-ip_analytics 11.5.2
- F5 big-ip_analytics 11.5.3
- F5 big-ip_analytics 11.6.0
- F5 big-ip_application_acceleration_manager 11.4.0
- F5 big-ip_application_acceleration_manager 11.4.1
- F5 big-ip_application_acceleration_manager 11.5.0
- F5 big-ip_application_acceleration_manager 11.5.1
- F5 big-ip_application_acceleration_manager 11.5.2
- F5 big-ip_application_acceleration_manager 11.5.3
- F5 big-ip_application_acceleration_manager 11.6.0
- F5 big-ip_application_security_manager 11.3.0
- F5 big-ip_application_security_manager 11.4.0
- F5 big-ip_application_security_manager 11.4.1
- F5 big-ip_application_security_manager 11.5.0
- F5 big-ip_application_security_manager 11.5.1
- F5 big-ip_application_security_manager 11.5.2
- F5 big-ip_application_security_manager 11.5.3
- F5 big-ip_application_security_manager 11.6.0
- F5 big-ip_edge_gateway 11.3.0
- F5 big-ip_enterprise_manager 3.0.0
- F5 big-ip_enterprise_manager 3.1.0
- F5 big-ip_enterprise_manager 3.1.1
- F5 big-ip_global_traffic_manager 11.3.0
- F5 big-ip_global_traffic_manager 11.4.0
- F5 big-ip_global_traffic_manager 11.4.1
- F5 big-ip_global_traffic_manager 11.5.0
- F5 big-ip_global_traffic_manager 11.5.1
- F5 big-ip_global_traffic_manager 11.5.2
- F5 big-ip_global_traffic_manager 11.5.3
- F5 big-ip_global_traffic_manager 11.6.0
- F5 big-ip_link_controller 11.3.0
- F5 big-ip_link_controller 11.4.0
- F5 big-ip_link_controller 11.4.1
- F5 big-ip_link_controller 11.5.0
- F5 big-ip_link_controller 11.5.1
- F5 big-ip_link_controller 11.5.2
- F5 big-ip_link_controller 11.5.3
- F5 big-ip_link_controller 11.6.0
- F5 big-ip_local_traffic_manager 11.3.0
- F5 big-ip_local_traffic_manager 11.4.0
- F5 big-ip_local_traffic_manager 11.4.1
- F5 big-ip_local_traffic_manager 11.5.0
- F5 big-ip_local_traffic_manager 11.5.1
- F5 big-ip_local_traffic_manager 11.5.2
- F5 big-ip_local_traffic_manager 11.5.3
- F5 big-ip_local_traffic_manager 11.6.0
- F5 big-ip_policy_enforcement_manager 11.3.0
- F5 big-ip_policy_enforcement_manager 11.4.0
- F5 big-ip_policy_enforcement_manager 11.4.1
- F5 big-ip_policy_enforcement_manager 11.5.0
- F5 big-ip_policy_enforcement_manager 11.5.1
- F5 big-ip_policy_enforcement_manager 11.5.2
- F5 big-ip_policy_enforcement_manager 11.5.3
- F5 big-ip_policy_enforcement_manager 11.6.0
- F5 big-ip_protocol_security_module 11.3.0
- F5 big-ip_protocol_security_module 11.4.0
- F5 big-ip_protocol_security_module 11.4.1
- F5 big-ip_wan_optimization_manager 11.3.0
- F5 big-ip_webaccelerator 11.3.0
- F5 big-iq_adc 4.5.0
- F5 big-iq_cloud 4.0.0
- F5 big-iq_cloud 4.1.0
- F5 big-iq_cloud 4.2.0
- F5 big-iq_cloud 4.3.0
- F5 big-iq_cloud 4.4.0
- F5 big-iq_cloud 4.5.0
- F5 big-iq_device 4.2.0
- F5 big-iq_device 4.3.0
- F5 big-iq_device 4.4.0
- F5 big-iq_device 4.5.0
- F5 big-iq_security 4.0.0
- F5 big-iq_security 4.1.0
- F5 big-iq_security 4.2.0
- F5 big-iq_security 4.3.0
- F5 big-iq_security 4.4.0
- F5 big-iq_security 4.5.0
References