QwikSec

Security Database

CVE

CWE

Training

CVE-2012-2053

Published: Apr 4, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The sudoers file in the Linux system configuration in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing commands as root, which allows local users to gain privileges via the sudo program, as demonstrated by the user account that executes PHP scripts, a different vulnerability than CVE-2012-1777.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.sec-consult.com/files/20120328-0_F5_FirePass_SSL_VPN_unauthenticated_remote_root_v1.0.txt

x_refsource_MISC

firepass-sudoers-priv-escalation(74813)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.