Published: 08/03/2018 Updated: 03/10/2019
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 6.7 | Impact Score: 5.9 | Exploitability Score: 0.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account password.

Affected Products

Vendor Product Versions
F5Big-iq Centralized Management5.1.0, 5.2.0