CVE-2019-6597

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions 11.5.1 through 11.5.8 F5 BIG-IP versions 11.6.1 through 11.6.3.2 F5 BIG-IP versions 12.1.0 through 12.1.3.7 F5 BIG-IP versions 13.0.0 through 13.1.1.1 F5 Enterprise Manager version 3.1.1

Description The issue affects authenticated administrative users who run commands in the Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility. Restrictions on allowed commands may not be enforced, potentially leading to unauthorized actions.

Recommendations For F5 BIG-IP versions 11.5.1 through 11.5.8, update to a version outside of this range to enforce command restrictions. For F5 BIG-IP versions 11.6.1 through 11.6.3.2, update to a version outside of this range to enforce command restrictions. For F5 BIG-IP versions 12.1.0 through 12.1.3.7, update to a version outside of this range to enforce command restrictions. For F5 BIG-IP versions 13.0.0 through 13.1.1.1, update to a version outside of this range to enforce command restrictions. For F5 Enterprise Manager version 3.1.1, update to a version outside of this range to enforce command restrictions.