Unauthorized File System Access via TMOS Shell (tmsh) on F5 BIG-IP Systems

Unauthorized File System Access via TMOS Shell (tmsh) on F5 BIG-IP Systems

CVE-2018-5520 · LOW Severity

AV:N/AC:M/AU:S/C:P/I:N/A:N

On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative user to use the dig utility to gain unauthorized access to file system resources.

Learn more about our Cis Benchmark Audit For F5.