ID

VAR-201511-0085


CVE

CVE-2015-7394


TITLE

plural F5 BIG-IP Product Datastor kernel Service disruption in modules (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-005773

DESCRIPTION

The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code. plural F5 BIG-IP Product Datastor kernel Module contains service disruption (DoS) There are vulnerabilities that can be made state or gain privileges.Denial of service due to the use of permissions to upload and execute code by remotely authenticated users (DoS) It may be put into a state or it may be authorized. F5 BIG-IP Analytics and others are products of F5 Corporation of the United States. F5 BIG-IP Analytics is a suite of web application performance analysis software. APM is a set of solutions that provide secure and unified access to business-critical applications and networks. LTM is a local traffic manager. datastor kernel is a datastor kernel module used in these products. A security vulnerability exists in the datastor kernel module of several F5 products. 0 to 11.4.1; BIG-IQ Cloud and Security 4.0.0 to 4.5.0; BIG-IQ Device 4.2.0 to 4.5.0; BIG-IQ ADC 4.5.0; Enterprise Manager 3.0 .0 version to 3.1.1 version

Trust: 1.71

sources: NVD: CVE-2015-7394 // JVNDB: JVNDB-2015-005773 // VULHUB: VHN-85355

AFFECTED PRODUCTS

vendor:f5model:big-ip local traffic managerscope:eqversion:11.4.1

Trust: 1.6

vendor:f5model:big-iq adcscope:eqversion:4.5.0

Trust: 1.6

vendor:f5model:big-ip local traffic managerscope:eqversion:11.2.0

Trust: 1.6

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.3

Trust: 1.6

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.1

Trust: 1.6

vendor:f5model:big-ip local traffic managerscope:eqversion:11.2.1

Trust: 1.6

vendor:f5model:big-iq cloudscope:eqversion:4.5.0

Trust: 1.6

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.0

Trust: 1.6

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.2

Trust: 1.6

vendor:f5model:big-ip local traffic managerscope:eqversion:11.1.0

Trust: 1.6

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip enterprise managerscope:eqversion:3.1.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-iq cloudscope:eqversion:4.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-iq securityscope:eqversion:4.1.0

Trust: 1.0

vendor:f5model:big-iq devicescope:eqversion:4.5.0

Trust: 1.0

vendor:f5model:big-iq cloudscope:eqversion:4.3.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-iq securityscope:eqversion:4.3.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-iq cloudscope:eqversion:4.0.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-iq cloudscope:eqversion:4.4.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-iq cloudscope:eqversion:4.2.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip enterprise managerscope:eqversion:3.0.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-iq securityscope:eqversion:4.0.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-iq securityscope:eqversion:4.2.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-iq securityscope:eqversion:4.4.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip enterprise managerscope:eqversion:3.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-iq devicescope:eqversion:4.3.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-iq securityscope:eqversion:4.5.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-iq devicescope:eqversion:4.4.0

Trust: 1.0

vendor:f5model:big-iq devicescope:eqversion:4.2.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.0.0 to 11.6.0

Trust: 0.8

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.3.0 to 11.6.0

Trust: 0.8

vendor:f5model:big-ip analyticsscope:eqversion:11.0.0 to 11.6.0

Trust: 0.8

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.4.0 to 11.6.0

Trust: 0.8

vendor:f5model:big-ip application security managerscope:eqversion:11.0.0 to 11.6.0

Trust: 0.8

vendor:f5model:big-ip edge gatewayscope:eqversion:11.1.0 to 11.3.0

Trust: 0.8

vendor:f5model:big-ip global traffic managerscope:eqversion:11.0.0 to 11.6.0

Trust: 0.8

vendor:f5model:big-ip link controllerscope:eqversion:11.0.0 to 11.6.0

Trust: 0.8

vendor:f5model:big-ip local traffic managerscope:eqversion:11.0.0 to 11.6.0

Trust: 0.8

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.3.0 to 11.6.0

Trust: 0.8

vendor:f5model:big-ip protocol security modulescope:eqversion:11.1.0 to 11.4.1

Trust: 0.8

vendor:f5model:big-ip wan optimization managerscope:eqversion:11.1.0 to 11.3.0

Trust: 0.8

vendor:f5model:big-ip webacceleratorscope:eqversion:11.1.0 to 11.3.0

Trust: 0.8

vendor:f5model:big-iq application delivery controllerscope:eqversion:4.5.0

Trust: 0.8

vendor:f5model:big-iq cloudscope:eqversion:4.0.0 to 4.5.0

Trust: 0.8

vendor:f5model:big-iq devicescope:eqversion:4.2.0 to 4.5.0

Trust: 0.8

vendor:f5model:big-iq securityscope:eqversion:4.0.0 to 4.5.0

Trust: 0.8

vendor:f5model:enterprise managerscope:eqversion:3.0.0 to 3.1.1

Trust: 0.8

sources: CNNVD: CNNVD-201511-111 // JVNDB: JVNDB-2015-005773 // NVD: CVE-2015-7394

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-7394
value: HIGH

Trust: 1.0

NVD: CVE-2015-7394
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201511-111
value: CRITICAL

Trust: 0.6

VULHUB: VHN-85355
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-7394
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-85355
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-85355 // CNNVD: CNNVD-201511-111 // JVNDB: JVNDB-2015-005773 // NVD: CVE-2015-7394

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-85355 // JVNDB: JVNDB-2015-005773 // NVD: CVE-2015-7394

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201511-111

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201511-111

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-005773

PATCH

title:sol17407: Datastor kernel vulnerability CVE-2015-7394url:https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html

Trust: 0.8

title:Multiple F5 Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58606

Trust: 0.6

sources: CNNVD: CNNVD-201511-111 // JVNDB: JVNDB-2015-005773

EXTERNAL IDS

db:NVDid:CVE-2015-7394

Trust: 2.5

db:SECTRACKid:1034025

Trust: 1.7

db:SECTRACKid:1034026

Trust: 1.7

db:JVNDBid:JVNDB-2015-005773

Trust: 0.8

db:CNNVDid:CNNVD-201511-111

Trust: 0.7

db:SEEBUGid:SSVID-89763

Trust: 0.1

db:VULHUBid:VHN-85355

Trust: 0.1

sources: VULHUB: VHN-85355 // CNNVD: CNNVD-201511-111 // JVNDB: JVNDB-2015-005773 // NVD: CVE-2015-7394

REFERENCES

url:https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html

Trust: 1.7

url:http://www.securitytracker.com/id/1034025

Trust: 1.7

url:http://www.securitytracker.com/id/1034026

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7394

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7394

Trust: 0.8

sources: VULHUB: VHN-85355 // CNNVD: CNNVD-201511-111 // JVNDB: JVNDB-2015-005773 // NVD: CVE-2015-7394

SOURCES

db:VULHUBid:VHN-85355
db:CNNVDid:CNNVD-201511-111
db:JVNDBid:JVNDB-2015-005773
db:NVDid:CVE-2015-7394

LAST UPDATE DATE

2026-06-19T23:13:46.561000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-85355date:2019-06-06T00:00:00
db:CNNVDid:CNNVD-201511-111date:2019-06-10T00:00:00
db:JVNDBid:JVNDB-2015-005773date:2015-11-10T00:00:00
db:NVDid:CVE-2015-7394date:2026-06-17T00:32:22.380

SOURCES RELEASE DATE

db:VULHUBid:VHN-85355date:2015-11-06T00:00:00
db:CNNVDid:CNNVD-201511-111date:2015-11-09T00:00:00
db:JVNDBid:JVNDB-2015-005773date:2015-11-10T00:00:00
db:NVDid:CVE-2015-7394date:2015-11-06T18:59:03.407