CVE-2012-2053
F5 FirePass 6.0.0-6.1.0 and 7.0.0 - Unauthenticated Privilege Escalation via Sudoers Misconfiguration
Title source: llmDescription
The sudoers file in the Linux system configuration in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing commands as root, which allows local users to gain privileges via the sudo program, as demonstrated by the user account that executes PHP scripts, a different vulnerability than CVE-2012-1777.
References (2)
Core 2
Core References
Exploit x_refsource_misc
https://www.sec-consult.com/files/20120328-0_F5_FirePass_SSL_VPN_unauthenticated_remote_root_v1.0.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74813
Scores
EPSS
0.0005
EPSS Percentile
14.6%
Details
CWE
CWE-264
Status
published
Products (3)
f5/firepass
6.0
f5/firepass
6.1.0
f5/firepass
7.0.0
Published
Apr 05, 2012
Tracked Since
Feb 18, 2026