F5 Networks BIG-IP : Appliance mode tmsh access vulnerability (K02043709)
Low Nessus Plugin ID 118616
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionOn a BIG-IP system configured in Appliance mode, the TMOS Shell (tmsh)
may allow an administrative user to use the dig utility to gain
unauthorized access to file system resources. (CVE-2018-5520)
Note : Appliance mode is designed to meet the needs of customers in
especially sensitive sectors by limiting the BIG-IP system
administrative access to match that of a typical network appliance and
not a multi-user UNIX device. When a BIG-IP system is configured in
Appliance mode, the Advanced Shell ( bash ) access to the file system
is restricted. For information about Appliance mode, refer to K12815:
Overview of Appliance mode.
This vulnerability allows unauthorized disclosure of information.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5