PT-2019-15777 · F5 · Enterprise Manager+4

Published: 2019-12-23 · Updated: 2019-12-31 · CVE-2019-19151

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

BIG-IP versions 11.5.2 through 15.1.0
BIG-IQ versions 5.0.0 through 7.0.0
iWorkflow version 2.3.0
Enterprise Manager version 3.1.1

Description

The issue allows authenticated, low-privileged users with TMOS Shell (tmsh) privileges to access objects on the file system that tmsh restrictions normally disallow.

Recommendations

For BIG-IP versions 11.5.2 through 15.1.0, restrict access to the TMOS Shell (tmsh) to minimize the risk of exploitation.
For BIG-IQ versions 5.0.0 through 7.0.0, consider limiting privileges for authenticated users to reduce the attack surface.
For iWorkflow version 2.3.0, avoid granting TMOS Shell (tmsh) privileges to low-privileged users until a fix is available.
For Enterprise Manager version 3.1.1, restrict access to sensitive objects on the file system to prevent unauthorized access.

Fix

Weakness Enumeration

Improper Privilege Management

Related Identifiers

CVE-2019-19151

Affected Products

BIG-IP
BIG-IQ
Enterprise Manager
TMOS Shell
iWorkflow