The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Big-ip_access_policy_manager | F5 | 7.1.5 (including) | 7.1.6.1 (including) |
Big-ip_access_policy_manager | F5 | 11.5.1 (including) | 11.5.6 (including) |
Big-ip_access_policy_manager | F5 | 12.1.0 (including) | 12.1.3 (including) |
Big-ip_access_policy_manager | F5 | 13.0.0 (including) | 13.1.0 (including) |
Big-ip_edge | F5 | 7101 (including) | 7150 (including) |