{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T23:51:34.053","vulnerabilities":[{"cve":{"id":"CVE-2018-5511","sourceIdentifier":"f5sirt@f5.com","published":"2018-04-13T13:29:00.847","lastModified":"2024-11-21T04:08:57.587","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced."},{"lang":"es","value":"En F5 BIG-IP, de la versión 13.1.0 a la 13.1.0.3 o en la versión 13.0.0, cuando los usuarios administrativos autenticados ejecutan comandos en el TMUI (Traffic Management User Interface), también llamado utilidad BIG-IP Configuration, podrían no aplicarse las restricciones sobre los comandos permitidos."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-470"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"BA7D64DC-7271-4617-BD46-99C8246779CA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"6DD7E85A-BE85-4CA1-B9CB-0888735EA132"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"3D75D5AD-C20A-4D94-84E0-E695C9D2A26D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"074CB0CC-E7CD-402E-9EFD-954DAB79D68B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"8C4E5F36-434B-48E1-9715-4EEC22FB23D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"76EAD6EA-811F-4193-A83D-E70A9A53AFC0"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"34D75E7F-B65F-421D-92EE-6B20756019C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"2D536A57-C7DB-4CE1-AE13-254C650343A6"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"BCF89E7C-806E-4800-BAA9-0225433B6C56"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"5491BC3C-EE0C-43FA-B870-BBF9FC4FADB2"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7569977A-E567-4115-B00C-4B0CBA86582E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"D5FDBD38-369B-4007-8D9A-B65B83B2AABD"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4D3374BE-6A37-48B5-83D4-D61558A8433E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"CA7714D5-C0B3-42E0-9F33-C52A93472D04"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"3914B25C-4E86-4C00-A199-4C9A99BA2EC4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"EB414A2A-AA17-4137-8881-9B7BAFA5E918"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E2C4414E-8016-48B5-8CC3-F97FF2D85922"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"06A1E194-8FBF-4546-B8D6-6C3B9B142401"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"42821916-E601-4831-B37B-3202ACF2C562"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"E0948894-8098-4532-9E4A-9491E3761C95"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7E703FAB-BFCD-47A1-94BD-DD63879DE883"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"1FE647AD-9B1C-4C8F-9374-9E06677AFF2D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B2E56D76-1A89-46AB-9C17-CB24662FFDE7"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"0B4CB875-6B18-4EA7-8948-189F0130CF1F"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"3F2F72B2-84F2-4FA2-9B53-E98344235EB6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:13.1.0:*:*:*:*:*:*:*","matchCriteriaId":"2FAFAF12-3981-4180-9C2C-994B93DACFCB"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*","matchCriteriaId":"ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:workstation:14.1.5:*:*:*:*:*:*:*","matchCriteriaId":"FF42475C-4684-4EBE-B228-718967A6F650"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*","matchCriteriaId":"FBC814B4-7DEC-4EFC-ABFF-08FFD9FD16AA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:workstation_player:15.0.2:*:*:*:*:*:*:*","matchCriteriaId":"577BAFEB-BC5C-407B-B9D2-0ECD0FE1C946"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/152213/VMware-Host-VMX-Process-Impersonation-Hijack-Privilege-Escalation.html","source":"f5sirt@f5.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://support.f5.com/csp/article/K30500703","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"https://www.exploit-db.com/exploits/46600/","source":"f5sirt@f5.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/152213/VMware-Host-VMX-Process-Impersonation-Hijack-Privilege-Escalation.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://support.f5.com/csp/article/K30500703","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.exploit-db.com/exploits/46600/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}}]}