← back
CVE-2018-15333

CVE-2018-15333

EPSS 0.4%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
28 Dec 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user with any role, including Guest Role, to have access and download previously generated and available snapshot files on the BIG-IP configuration utility such as QKView and TCPDumps.
Affected products
F5 Networks, Inc. · BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.f5.com/csp/article/K53620021https://support.f5.com/csp/article/K53620021?utm_source=f5support&amp%3Butm_medium=RSShttp://www.securityfocus.com/bid/106380