CVE-2019-6635

Name of the Vulnerable Software and Affected Versions BIG-IP versions 11.5.1 through 11.5.8 BIG-IP versions 11.6.1 through 11.6.3.4 BIG-IP versions 12.1.0 through 12.1.4 BIG-IP versions 13.0.0 through 13.1.1.4 BIG-IP versions 14.0.0 through 14.0.0.4 BIG-IP versions 14.1.0 through 14.1.0.5

Description A user with either the Administrator or the Resource Administrator role can bypass Appliance mode restrictions when the BIG-IP system is licensed for Appliance mode.

Recommendations For BIG-IP versions 11.5.1 through 11.5.8, restrict access to Administrator and Resource Administrator roles to minimize the risk of exploitation. For BIG-IP versions 11.6.1 through 11.6.3.4, restrict access to Administrator and Resource Administrator roles to minimize the risk of exploitation. For BIG-IP versions 12.1.0 through 12.1.4, restrict access to Administrator and Resource Administrator roles to minimize the risk of exploitation. For BIG-IP versions 13.0.0 through 13.1.1.4, restrict access to Administrator and Resource Administrator roles to minimize the risk of exploitation. For BIG-IP versions 14.0.0 through 14.0.0.4, restrict access to Administrator and Resource Administrator roles to minimize the risk of exploitation. For BIG-IP versions 14.1.0 through 14.1.0.5, restrict access to Administrator and Resource Administrator roles to minimize the risk of exploitation.