Description

The Traffic Management User Interface (TMUI) present in F5 BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1 is vulnerable to a Remote Code Execution (RCE) vulnerability that allows unauthenticated attackers, or authenticated users, with network access to the TMUI, to execute arbitrary system commands, create or delete files, disable services, and/or execute arbitrary Java code.

Remediation

F5 recommends upgrading to a fixed software version to fully mitigate this vulnerability (consult the References section).

References

Related Vulnerabilities