Описание
The sudoers file in the Linux system configuration in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing commands as root, which allows local users to gain privileges via the sudo program, as demonstrated by the user account that executes PHP scripts, a different vulnerability than CVE-2012-1777.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:f5:firepass:6.0:*:*:*:*:*:*:*
cpe:2.3:h:f5:firepass:6.1.0:*:*:*:*:*:*:*
cpe:2.3:h:f5:firepass:7.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00047
Низкий
7.2 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
The sudoers file in the Linux system configuration in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing commands as root, which allows local users to gain privileges via the sudo program, as demonstrated by the user account that executes PHP scripts, a different vulnerability than CVE-2012-1777.
EPSS
Процентиль: 14%
0.00047
Низкий
7.2 High
CVSS2
Дефекты
CWE-264