CVE-2015-8022
Summary
| CVE | CVE-2015-8022 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-08-19 21:59:00 UTC |
| Updated | 2019-06-06 15:11:00 UTC |
| Description | The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | F5 | Big-ip Access Policy Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Access Policy Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Advanced Firewall Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Analytics | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Application Acceleration Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Application Security Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Edge Gateway | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Edge Gateway | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Edge Gateway | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Edge Gateway | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Edge Gateway | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Edge Gateway | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Edge Gateway | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Edge Gateway | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Edge Gateway | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Edge Gateway | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Global Traffic Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Link Controller | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Local Traffic Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.5.0 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.5.1 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.5.2 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.5.3 | All | All | All |
| Application | F5 | Big-ip Policy Enforcement Manager | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.4.0 | All | All | All |
| Application | F5 | Big-ip Protocol Security Module | 11.4.1 | All | All | All |
| Application | F5 | Big-ip Wan Optimization Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Wan Optimization Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Wan Optimization Manager | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Wan Optimization Manager | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Wan Optimization Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Wan Optimization Manager | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Wan Optimization Manager | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Wan Optimization Manager | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Wan Optimization Manager | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Wan Optimization Manager | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Webaccelerator | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Webaccelerator | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Webaccelerator | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Webaccelerator | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Webaccelerator | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Webaccelerator | 11.0.0 | All | All | All |
| Application | F5 | Big-ip Webaccelerator | 11.1.0 | All | All | All |
| Application | F5 | Big-ip Webaccelerator | 11.2.0 | All | All | All |
| Application | F5 | Big-ip Webaccelerator | 11.2.1 | All | All | All |
| Application | F5 | Big-ip Webaccelerator | 11.3.0 | All | All | All |
| Application | F5 | Big-ip Websafe | 11.6.0 | All | All | All |
| Application | F5 | Big-ip Websafe | 11.6.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| F5 BIG-IP Configuration Utility File Validation Flaw Lets Remote Authenticated Users Upload Files and Gain Elevated Privileges - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| SOL12401251 - BIG-IP file validation vulnerability CVE-2015-8022 | CONFIRM | support.f5.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.