CVE-2015-7393

Name of the Vulnerable Software and Affected Versions F5 BIG-IP LTM versions 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1 F5 BIG-IP Analytics versions 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1 F5 BIG-IP APM versions 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1 F5 BIG-IP ASM versions 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1 F5 BIG-IP Link Controller versions 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1 F5 BIG-IP AAM versions 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1 F5 BIG-IP AFM versions 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1 F5 BIG-IP PEM versions 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1 F5 BIG-IP DNS version 12.0.0 before 12.0.0 HF1 F5 BIG-IP Edge Gateway versions 11.2.0 through 11.3.0 F5 BIG-IP WebAccelerator versions 11.2.0 through 11.3.0 F5 BIG-IP WOM versions 11.2.0 through 11.3.0 F5 BIG-IP GTM versions 11.2.0 through 11.6.0 F5 BIG-IP PSM versions 11.2.0 through 11.4.1 F5 Enterprise Manager versions 3.0.0 through 3.1.1 F5 BIG-IQ Cloud versions 4.0.0 through 4.5.0 F5 BIG-IQ Device versions 4.2.0 through 4.5.0 F5 BIG-IQ Security versions 4.0.0 through 4.5.0 F5 BIG-IQ ADC version 4.5.0 F5 BIG-IQ Centralized Management version 4.6.0 F5 BIG-IQ Cloud and Orchestration version 1.0.0

Description The issue allows local users with advanced shell (bash) access to gain privileges via unspecified vectors.

Recommendations For F5 BIG-IP LTM versions 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, update to a version that includes the fix. For F5 BIG-IP Analytics versions 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, update to a version that includes the fix. For F5 BIG-IP APM versions 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, update to a version that includes the fix. For F5 BIG-IP ASM versions 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, update to a version that includes the fix. For F5 BIG-IP Link Controller versions 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, update to a version that includes the fix. For F5 BIG-IP AAM versions 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, update to a version that includes the fix. For F5 BIG-IP AFM versions 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, update to a version that includes the fix. For F5 BIG-IP PEM versions 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, update to a version that includes the fix. For F5 BIG-IP DNS version 12.0.0 before 12.0.0 HF1, update to a version that includes the fix. For F5 BIG-IP Edge Gateway versions 11.2.0 through 11.3.0, update to a version that includes the fix. For F5 BIG-IP WebAccelerator versions 11.2.0 through 11.3.0, update to a version that includes the fix. For F5 BIG-IP WOM versions 11.2.0 through 11.3.0, update to a version that includes the fix. For F5 BIG-IP GTM versions 11.2.0 through 11.6.0, update to a version that includes the fix. For F5 BIG-IP PSM versions 11.2.0 through 11.4.1, update to a version that includes the fix. For F5 Enterprise Manager versions 3.0.0 through 3.1.1, update to a version that includes the fix. For F5 BIG-IQ Cloud versions 4.0.0 through 4.5.0, update to a version that includes the fix. For F5 BIG-IQ Device versions 4.2.0 through 4.5.0, update to a version that includes the fix. For F5 BIG-IQ Security versions 4.0.0 through 4.5.0, update to a version that includes the fix. For F5 BIG-IQ ADC version 4.5.0, update to a version that includes the fix. For F5 BIG-IQ Centralized Management version 4.6.0, update to a version that includes the fix. For F5 BIG-IQ Cloud and Orchestration version 1.0.0, update to a version that includes the fix.