The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
On BIG-IP versions 16.0.x before 126.96.36.199, 15.1.x before 188.8.131.52, 14.1.x before 14.1.4, 13.1.x before 184.108.40.206, 12.1.x before 220.127.116.11, and 11.6.x before 18.104.22.168 when running in Appliance mode, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
Base Score: 9
Impact Score: 10
Exploitability Score: 8
Base Score: 9.9
Impact Score: 6
Exploitability Score: 3.1
|147636||F5 Networks BIG-IP : Appliance mode TMUI authenticated remote command execution vulnerability (K18132488)||Nessus||F5 Networks Local Security Checks|
|147624||F5 Networks BIG-IP : TMUI authenticated remote command execution vulnerability (K70031188)||Nessus||F5 Networks Local Security Checks|