cbcvebase.
CVE-2018-15329
published 2018-12-20

CVE-2018-15329: On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the…

high7.2CVSS 3.0
AVNACLPRHUINSUCHIHAH
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.

Affected

54 ranges· showing 25
VendorProductVersion rangeFixed in
f5big-ip_aam
f5big-ip_access_policy_manager12.1.0 – 12.1.3.7
f5big-ip_access_policy_manager13.0.0 – 13.1.1.1
f5big-ip_access_policy_manager14.0.0 – 14.0.0.2
f5big-ip_advanced_firewall_manager12.1.0 – 12.1.3.7
f5big-ip_advanced_firewall_manager13.0.0 – 13.1.1.1
f5big-ip_advanced_firewall_manager14.0.0 – 14.0.0.2
f5big-ip_afm
f5big-ip_analytics
f5big-ip_analytics12.1.0 – 12.1.3.7
f5big-ip_analytics13.0.0 – 13.1.1.1
f5big-ip_analytics14.0.0 – 14.0.0.2
f5big-ip_apm
f5big-ip_application_acceleration_manager12.1.0 – 12.1.3.7
f5big-ip_application_acceleration_manager13.0.0 – 13.1.1.1
f5big-ip_application_acceleration_manager14.0.0 – 14.0.0.2
f5big-ip_application_security_manager12.1.0 – 12.1.3.7
f5big-ip_application_security_manager13.0.0 – 13.1.1.1
f5big-ip_application_security_manager14.0.0 – 14.0.0.2
f5big-ip_asm
f5big-ip_dns
f5big-ip_domain_name_system12.1.0 – 12.1.3.7
f5big-ip_domain_name_system13.0.0 – 13.1.1.1
f5big-ip_domain_name_system14.0.0 – 14.0.0.2
f5big-ip_edge_gateway