F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K00363258)
Medium Nessus Plugin ID 118614
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionA local file vulnerability exists in the BIG-IP Configuration utility
that exposes files containing F5-provided data only, and do not
include configuration data, proxied traffic, or other potentially
sensitive customer data. (CVE-2018-5525)
Authenticated users may be able to retrieve files local to the BIG-IP
system using the Configuration utility.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5