CVE-2018-5547

{"id": "CVE-2018-5547", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2018-08-17T12:29:00.517", "references": [{"url": "http://www.securitytracker.com/id/1041511", "tags": ["Third Party Advisory", "VDB Entry"], "source": "f5sirt@f5.com"}, {"url": "https://support.f5.com/csp/article/K10015187", "tags": ["Vendor Advisory"], "source": "f5sirt@f5.com"}, {"url": "https://support.f5.com/csp/article/K10015187?utm_source=f5support&amp%3Butm_medium=RSS", "source": "f5sirt@f5.com"}, {"url": "http://www.securitytracker.com/id/1041511", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.f5.com/csp/article/K10015187", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.f5.com/csp/article/K10015187?utm_source=f5support&amp%3Butm_medium=RSS", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "Windows Logon Integration feature of F5 BIG-IP APM client prior to version 7.1.7.1 for Windows by default uses Legacy logon mode which uses a SYSTEM account to establish network access. This feature displays a certificate user interface dialog box which contains the link to the certificate policy. By clicking on the link, unprivileged users can open additional dialog boxes and get access to the local machine windows explorer which can be used to get administrator privilege. Windows Logon Integration is vulnerable when the APM client is installed by an administrator on a user machine. Users accessing the local machine can get administrator privileges"}, {"lang": "es", "value": "La caracter\u00edstica Windows Logon Integration del cliente F5 BIG-IP APM en versiones anteriores a la 7.1.7.1 para Windows utiliza de forma predeterminada el modo de inicio de sesi\u00f3n heredado, que utiliza una cuenta SYSTEM para establecer el acceso a la red. Esta funci\u00f3n muestra un cuadro de di\u00e1logo de la interfaz de usuario del certificado que contiene el enlace a la pol\u00edtica de certificados. Al hacer clic en el enlace, los usuarios sin privilegios pueden abrir cuadros de di\u00e1logo adicionales y obtener acceso al explorador de ventanas del equipo local, que se puede utilizar para obtener privilegios de administrador. Windows Logon Integration es vulnerable cuando un administrador instala el cliente APM en un equipo de usuario. Los usuarios que accedan a la m\u00e1quina local pueden obtener privilegios de administrador"}], "lastModified": "2024-11-21T04:09:02.853", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager_client:7.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23060DCD-6F89-463F-BF27-9D3B86B15C3B"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager_client:7.1.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7A32E2B-4891-4B61-A075-33414674EBA2"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager_client:7.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D36885D-B70E-4FBA-AAAD-8BF9B07E8A4E"}], "operator": "OR"}]}], "sourceIdentifier": "f5sirt@f5.com"}