F5 Networks BIG-IP : iControl REST vulnerability (K24465120)
High Nessus Plugin ID 118602
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionRace conditions in iControl REST may lead to commands executed with different privilege levels than expected. (CVE-2017-6167)
Sending asynchronous tasks usingthe iControl REST API may be processed as the wrong user and resultin an error.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K24465120.