CVE-2018-15327

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions 14.0.0 through 14.0.0.2 F5 BIG-IP versions 13.0.0 through 13.1.1.1 F5 Enterprise Manager version 3.1.1

Description The issue affects authenticated administrative users who run commands in the Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility. Restrictions on allowed commands may not be enforced, potentially leading to unauthorized actions.

Recommendations For F5 BIG-IP versions 14.0.0 through 14.0.0.2, update to a version that enforces command restrictions. For F5 BIG-IP versions 13.0.0 through 13.1.1.1, update to a version that enforces command restrictions. For F5 Enterprise Manager version 3.1.1, update to a version that enforces command restrictions.