In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does not properly enforce the access controls for the scp.blacklist files. This allows Admin and Resource Admin users with Secure Copy (SCP) protocol access to read and overwrite blacklisted files via SCP.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 big-ip local traffic manager |
||
f5 big-ip advanced firewall manager |
||
f5 big-ip application acceleration manager |
||
f5 big-ip analytics |
||
f5 big-ip access policy manager |
||
f5 big-ip application security manager |
||
f5 big-ip fraud protection service |
||
f5 big-ip global traffic manager |
||
f5 big-ip link controller |
||
f5 big-ip policy enforcement manager |
||
f5 big-ip domain name system |