Back to search
CVE-2016-9256
Published: May 9, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. This is a race condition that occurs rarely in normal usage; the typical period in which this is possible is limited to at most a few seconds after the permission change.
| Vendor | Product | Versions |
|---|---|---|
F5 Networks, Inc. | BIG-IP | affected 12.1.0-12.1.2 |
References
https://support.f5.com/csp/article/K47284724
x_refsource_CONFIRM
96464
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now