Vulnerability Description
The Windows Logon Integration feature of the F5 BIG-IP APM client for Windows prior to version 7.1.7.1 uses Legacy logon mode by default, which establishes network access under the SYSTEM account. This feature displays a certificate user interface dialog box that contains a link to the certificate policy. By clicking the link, an unprivileged user can open additional dialog boxes and reach Windows Explorer on the local machine, which can then be used to obtain administrator privileges. Windows Logon Integration is vulnerable when the APM client is installed by an administrator on a user machine. Users accessing the local machine can get administrator privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F5 | BIG-IP Access Policy Manager Client | 7.1.6 |
Related Weaknesses (CWE)
References
- http://www.securitytracker.com/id/1041511 (Third Party Advisory, VDB Entry)
- https://support.f5.com/csp/article/K10015187 (Vendor Advisory)
- https://support.f5.com/csp/article/K10015187?utm_source=f5support&%3Butm_medi
FAQ
What is CVE-2018-5547?
CVE-2018-5547 is a vulnerability with a CVSS score of 7.8 (HIGH). Windows Logon Integration feature of F5 BIG-IP APM client prior to version 7.1.7.1 for Windows by default uses Legacy logon mode which uses a SYSTEM account to establish network access. This feature d...
How severe is CVE-2018-5547?
CVE-2018-5547 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-5547?
Check the references section above for vendor advisories and patch information. Affected products include: F5 BIG-IP Access Policy Manager Client.