Command Restriction Bypass in F5 BIG-IP Configuration Utility
CVE-2018-15327
7.2 HIGH
Key Information:
- Vendor: F5
- CVE Published: 31 October 2018
What is CVE-2018-15327?
In certain versions of F5 BIG-IP and Enterprise Manager, an issue has been identified where authenticated administrative users can execute restricted commands via the Traffic Management User Interface (TMUI). This lack of enforcement on command restrictions can allow users to bypass intended security policies, potentially leading to unauthorized actions within the system. It is crucial for organizations utilizing these products to review their configurations and apply the necessary updates to mitigate this vulnerability.
Affected Version(s)
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), Enterprise Manager 14.0.0-14.0.0.2, 13.0.0-13.1.1.1