First published: Thu Dec 20 2018(Updated: )
On BIG-IP AAM 13.0.0 or 12.1.0-12.1.3.7, the dcdb_convert utility used by BIG-IP AAM fails to drop group permissions when executing helper scripts, which could be used to leverage attacks against the BIG-IP system.
Credit: f5sirt@f5.com
Affected Software | Affected Version | How to fix |
---|---|---|
F5 Big-ip Application Acceleration Manager | >=12.1.0<=12.1.3 | |
F5 Big-ip Application Acceleration Manager | =13.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.