PT-2018-17010 · F5 · Enterprise Manager+4

Published: 2018-05-02

Updated: 2019-10-03

CVE-2018-5516

CVSS v2.0: 4.7 (Medium)

Vector: AV:L/AC:M/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

F5 BIG-IP versions 11.2.1 through 11.6.3.1
F5 BIG-IP versions 12.1.0 through 12.1.2
F5 BIG-IP versions 13.0.0 through 13.1.0.5
Enterprise Manager version 3.1.1
BIG-IQ Centralized Management versions 4.6.0
BIG-IQ Centralized Management versions 5.0.0 through 5.4.0
BIG-IQ Cloud and Orchestration version 1.0.0
F5 iWorkflow versions 2.0.2 through 2.3.0

Description

The issue allows authenticated users with TMOS Shell (tmsh) access to reach objects on the file system that tmsh restrictions would normally disallow. This enables authenticated, low-privileged attackers to exfiltrate file system objects that they should not be allowed to access.

Recommendations

For F5 BIG-IP versions 11.2.1 through 11.6.3.1, consider restricting TMOS Shell (tmsh) access to necessary users only.
For F5 BIG-IP versions 12.1.0 through 12.1.2, restrict access to sensitive file system objects.
For F5 BIG-IP versions 13.0.0 through 13.1.0.5, limit the privileges of low-privileged attackers.
For Enterprise Manager version 3.1.1, restrict TMOS Shell (tmsh) access.
For BIG-IQ Centralized Management versions 4.6.0 and 5.0.0 through 5.4.0, limit access to sensitive objects.
For BIG-IQ Cloud and Orchestration version 1.0.0, restrict access to the file system.
For F5 iWorkflow versions 2.0.2 through 2.3.0, consider disabling TMOS Shell (tmsh) access until a fix is available.

Fix

Incorrect Permission

Weakness Enumeration

Related Identifiers

CVE-2018-5516

Affected Products

Big-Iq Centralized Management
Big-Iq Cloud/Orchestration
Enterprise Manager
F5 Big-Ip
F5 Iworkflow