CVE-2015-7394

Name of the Vulnerable Software and Affected Versions F5 BIG-IP Analytics versions 11.1.0 through 11.9.x are not explicitly mentioned, however, versions prior to 12.0.0 are affected. F5 BIG-IP APM versions 11.1.0 through 11.9.x are not explicitly mentioned, however, versions prior to 12.0.0 are affected. F5 BIG-IP ASM versions 11.1.0 through 11.9.x are not explicitly mentioned, however, versions prior to 12.0.0 are affected. F5 BIG-IP Link Controller versions 11.1.0 through 11.9.x are not explicitly mentioned, however, versions prior to 12.0.0 are affected. F5 BIG-IP LTM versions 11.1.0 through 11.9.x are not explicitly mentioned, however, versions prior to 12.0.0 are affected. F5 BIG-IP AAM versions 11.4.0 through 11.9.x are not explicitly mentioned, however, versions prior to 12.0.0 are affected. F5 BIG-IP AFM versions 11.3.0 through 11.9.x are not explicitly mentioned, however, versions prior to 12.0.0 are affected. F5 BIG-IP PEM versions 11.3.0 through 11.9.x are not explicitly mentioned, however, versions prior to 12.0.0 are affected. F5 BIG-IP Edge Gateway versions 11.1.0 through 11.3.0 F5 BIG-IP WebAccelerator versions 11.1.0 through 11.3.0 F5 BIG-IP WOM versions 11.1.0 through 11.3.0 F5 BIG-IP GTM versions 11.1.0 through 11.6.0 F5 BIG-IP PSM versions 11.1.0 through 11.4.1 F5 BIG-IQ Cloud and Security versions 4.0.0 through 4.5.0 F5 BIG-IQ Device versions 4.2.0 through 4.5.0 F5 BIG-IQ ADC version 4.5.0 F5 Enterprise Manager versions 3.0.0 through 3.1.1

Description The issue allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code via the datastor kernel module.

Recommendations For F5 BIG-IP Analytics versions prior to 12.0.0, update to version 12.0.0 or later. For F5 BIG-IP APM versions prior to 12.0.0, update to version 12.0.0 or later. For F5 BIG-IP ASM versions prior to 12.0.0, update to version 12.0.0 or later. For F5 BIG-IP Link Controller versions prior to 12.0.0, update to version 12.0.0 or later. For F5 BIG-IP LTM versions prior to 12.0.0, update to version 12.0.0 or later. For F5 BIG-IP AAM versions prior to 12.0.0, update to version 12.0.0 or later. For F5 BIG-IP AFM versions prior to 12.0.0, update to version 12.0.0 or later. For F5 BIG-IP PEM versions prior to 12.0.0, update to version 12.0.0 or later. For F5 BIG-IP Edge Gateway versions 11.1.0 through 11.3.0, update to version 11.3.1 or later. For F5 BIG-IP WebAccelerator versions 11.1.0 through 11.3.0, update to version 11.3.1 or later. For F5 BIG-IP WOM versions 11.1.0 through 11.3.0, update to version 11.3.1 or later. For F5 BIG-IP GTM versions 11.1.0 through 11.6.0, update to version 11.6.1 or later. For F5 BIG-IP PSM versions 11.1.0 through 11.4.1, update to version 11.4.2 or later. For F5 BIG-IQ Cloud and Security versions 4.0.0 through 4.5.0, update to version 4.5.1 or later. For F5 BIG-IQ Device versions 4.2.0 through 4.5.0, update to version 4.5.1 or later. For F5 BIG-IQ ADC version 4.5.0, update to version 4.5.1 or later. For F5 Enterprise Manager versions 3.0.0 through 3.1.1, update to version 3.1.2 or later.