PT-2018-12967 · F5 · Enterprise Manager+4

Published: 2018-10-31 · Updated: 2019-10-03 · CVE-2018-15322

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

F5 BIG-IP versions 14.0.0 through 14.0.0.2
F5 BIG-IP versions 13.0.0 through 13.1.0.7
F5 BIG-IP versions 12.1.0 through 12.1.3.5
F5 BIG-IP versions 11.6.0 through 11.6.3.2
F5 BIG-IP versions 11.2.1 through 11.5.6
F5 BIG-IQ Centralized Management versions 6.0.0 through 6.0.1
F5 BIG-IQ Centralized Management versions 5.0.0 through 5.4.0
F5 BIG-IQ Centralized Management version 4.6.0
F5 BIG-IQ Cloud and Orchestration version 1.0.0
F5 iWorkflow versions 2.0.1 through 2.3.0
F5 Enterprise Manager version 3.1.1
Description

A denial-of-service (DoS) condition can occur when a BIG-IP user with tmsh access uses the tmsh utility to run the edit cli preference command and repeatedly saves the changes to another filename. The saved files consume storage space until the /var partition becomes full.
Recommendations

For F5 BIG-IP versions 14.0.0 through 14.0.0.2, consider restricting access to the tmsh utility to prevent repeated saving of changes to another filename.

For F5 BIG-IP versions 13.0.0 through 13.1.0.7, restrict access to the edit cli preference command to minimize the risk of exploitation.

For F5 BIG-IP versions 12.1.0 through 12.1.3.5, F5 BIG-IP versions 11.6.0 through 11.6.3.2, and F5 BIG-IP versions 11.2.1 through 11.5.6, monitor storage space on the /var partition to prevent it from becoming full.

For F5 BIG-IQ Centralized Management versions 6.0.0 through 6.0.1, F5 BIG-IQ Centralized Management versions 5.0.0 through 5.4.0, and F5 BIG-IQ Centralized Management version 4.6.0, limit the use of the tmsh utility to trusted users.

For F5 BIG-IQ Cloud and Orchestration version 1.0.0, F5 iWorkflow versions 2.0.1 through 2.3.0, and F5 Enterprise Manager version 3.1.1, restrict access to the tmsh utility and monitor storage space on the /var partition.
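To decide which of the recommendations above applies to a given device, an inventory can be checked against the affected version ranges listed on this page. The Python below is an added example, not part of the original advisory or any F5 tooling; the function names, the inventory layout and the sample hosts are assumptions made for illustration, and versions are compared numerically component by component.

```python
# Added example: ranges transcribed from the affected-versions list on this page.
AFFECTED = {
    "BIG-IP": [("14.0.0", "14.0.0.2"), ("13.0.0", "13.1.0.7"),
               ("12.1.0", "12.1.3.5"), ("11.6.0", "11.6.3.2"),
               ("11.2.1", "11.5.6")],
    "BIG-IQ Centralized Management": [("6.0.0", "6.0.1"), ("5.0.0", "5.4.0"),
                                      ("4.6.0", "4.6.0")],
    "BIG-IQ Cloud and Orchestration": [("1.0.0", "1.0.0")],
    "iWorkflow": [("2.0.1", "2.3.0")],
    "Enterprise Manager": [("3.1.1", "3.1.1")],
}


def parse_version(text, width=4):
    """Turn '13.1.0.7' into (13, 1, 0, 7), zero-padding shorter versions."""
    parts = [int(p) for p in text.strip().split(".")]
    if len(parts) > width:
        raise ValueError(f"unexpected version format: {text!r}")
    return tuple(parts + [0] * (width - len(parts)))


def is_affected(product, version):
    """True when product/version falls inside a range listed on this page.

    Assumption: a point release above a listed upper bound (for example
    13.1.0.8) is treated as outside the range.
    """
    ranges = AFFECTED.get(product)
    if ranges is None:
        raise KeyError(f"product not covered by this advisory: {product!r}")
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in ranges)


def triage(inventory):
    """Return the (host, product, version) rows inside an affected range."""
    return [row for row in inventory if is_affected(row[1], row[2])]


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("lb-edge-01", "BIG-IP", "13.1.0.7"),
    ("lb-edge-02", "BIG-IP", "13.1.0.8"),
    ("lb-core-01", "BIG-IP", "11.5.4"),
    ("lb-core-02", "BIG-IP", "12.0.0"),
    ("mgmt-01", "BIG-IQ Centralized Management", "5.4.0"),
    ("wf-01", "iWorkflow", "2.3.0"),
]

if __name__ == "__main__":
    for host, product, version in triage(SAMPLE_INVENTORY):
        print(f"{host}: {product} {version} is in an affected range")
```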

Fix


Related identifiers

CVE-2018-15322

Affected products

BIG-IP
BIG-IQ Centralized Management
BIG-IQ Cloud/Orchestration
Enterprise Manager
iWorkflow