First published: Wed Oct 31 2018(Updated: )
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may cause the BIG-IP system to experience denial-of-service (DoS) when the BIG-IP user uses the tmsh utility to run the edit cli preference command and proceeds to save the changes to another filename repeatedly. This action utilises storage space on the /var partition and when performed repeatedly causes the /var partition to be full.
Credit: f5sirt@f5.com
Affected Software | Affected Version | How to fix |
---|---|---|
F5 BIG-IP Local Traffic Manager | >=11.2.1<=11.5.6 | |
F5 BIG-IP Local Traffic Manager | >=11.6.0<=11.6.3.2 | |
F5 BIG-IP Local Traffic Manager | >=12.1.0<=12.1.3.5 | |
F5 BIG-IP Local Traffic Manager | >=13.0.0<=13.1.0.7 | |
F5 BIG-IP Local Traffic Manager | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Advanced Firewall Manager | >=11.2.1<=11.5.6 | |
F5 BIG-IP Advanced Firewall Manager | >=11.6.0<=11.6.3.2 | |
F5 BIG-IP Advanced Firewall Manager | >=12.1.0<=12.1.3.5 | |
F5 BIG-IP Advanced Firewall Manager | >=13.0.0<=13.1.0.7 | |
F5 BIG-IP Advanced Firewall Manager | >=14.0.0<=14.0.0.2 | |
f5 big-ip application acceleration manager | >=11.2.1<=11.5.6 | |
f5 big-ip application acceleration manager | >=11.6.0<=11.6.3.2 | |
f5 big-ip application acceleration manager | >=12.1.0<=12.1.3.5 | |
f5 big-ip application acceleration manager | >=13.0.0<=13.1.0.7 | |
f5 big-ip application acceleration manager | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Analytics | >=11.2.1<=11.5.6 | |
F5 BIG-IP Analytics | >=11.6.0<=11.6.3.2 | |
F5 BIG-IP Analytics | >=12.1.0<=12.1.3.5 | |
F5 BIG-IP Analytics | >=13.0.0<=13.1.0.7 | |
F5 BIG-IP Analytics | >=14.0.0<=14.0.0.2 | |
F5 Access Policy Manager | >=11.2.1<=11.5.6 | |
F5 Access Policy Manager | >=11.6.0<=11.6.3.2 | |
F5 Access Policy Manager | >=12.1.0<=12.1.3.5 | |
F5 Access Policy Manager | >=13.0.0<=13.1.0.7 | |
F5 Access Policy Manager | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Protocol Security Manager | >=11.2.1<=11.5.6 | |
F5 BIG-IP Protocol Security Manager | >=11.6.0<=11.6.3.2 | |
F5 BIG-IP Protocol Security Manager | >=12.1.0<=12.1.3.5 | |
F5 BIG-IP Protocol Security Manager | >=13.0.0<=13.1.0.7 | |
F5 BIG-IP Protocol Security Manager | >=14.0.0<=14.0.0.2 | |
f5 big-ip domain name system | >=11.2.1<=11.5.6 | |
f5 big-ip domain name system | >=11.6.0<=11.6.3.2 | |
f5 big-ip domain name system | >=12.1.0<=12.1.3.5 | |
f5 big-ip domain name system | >=13.0.0<=13.1.0.7 | |
f5 big-ip domain name system | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Edge Gateway | >=11.2.1<=11.5.6 | |
F5 BIG-IP Edge Gateway | >=11.6.0<=11.6.3.2 | |
F5 BIG-IP Edge Gateway | >=12.1.0<=12.1.3.5 | |
F5 BIG-IP Edge Gateway | >=13.0.0<=13.1.0.7 | |
F5 BIG-IP Edge Gateway | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP fraud protection services | >=11.2.1<=11.5.6 | |
F5 BIG-IP fraud protection services | >=11.6.0<=11.6.3.2 | |
F5 BIG-IP fraud protection services | >=12.1.0<=12.1.3.5 | |
F5 BIG-IP fraud protection services | >=13.0.0<=13.1.0.7 | |
F5 BIG-IP fraud protection services | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Global Traffic Manager | >=11.2.1<=11.5.6 | |
F5 BIG-IP Global Traffic Manager | >=11.6.0<=11.6.3.2 | |
F5 BIG-IP Global Traffic Manager | >=12.1.0<=12.1.3.5 | |
F5 BIG-IP Global Traffic Manager | >=13.0.0<=13.1.0.7 | |
F5 BIG-IP Global Traffic Manager | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP | >=11.2.1<=11.5.6 | |
F5 BIG-IP | >=11.6.0<=11.6.3.2 | |
F5 BIG-IP | >=12.1.0<=12.1.3.5 | |
F5 BIG-IP | >=13.0.0<=13.1.0.7 | |
F5 BIG-IP | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Policy Enforcement Manager | >=11.2.1<=11.5.6 | |
F5 BIG-IP Policy Enforcement Manager | >=11.6.0<=11.6.3.2 | |
F5 BIG-IP Policy Enforcement Manager | >=12.1.0<=12.1.3.5 | |
F5 BIG-IP Policy Enforcement Manager | >=13.0.0<=13.1.0.7 | |
F5 BIG-IP Policy Enforcement Manager | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP WebAccelerator | >=11.2.1<=11.5.6 | |
F5 BIG-IP WebAccelerator | >=11.6.0<=11.6.3.2 | |
F5 BIG-IP WebAccelerator | >=12.1.0<=12.1.3.5 | |
F5 BIG-IP WebAccelerator | >=13.0.0<=13.1.0.7 | |
F5 BIG-IP WebAccelerator | >=14.0.0<=14.0.0.2 | |
F5 Enterprise Manager | =3.1.1 | |
F5 BIG-IP and BIG-IQ Centralized Management | >=5.0.0<=5.4.0 | |
F5 BIG-IP and BIG-IQ Centralized Management | >=6.0.0<=6.0.1 | |
F5 BIG-IP and BIG-IQ Centralized Management | =4.6.0 | |
F5 BIG-IQ Cloud and Orchestration | =1.0.0 | |
F5 iWorkflow | >=2.0.1<=2.3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-15322 is rated as critical due to the potential for privileged escalation by users with tmsh access.
To fix CVE-2018-15322, upgrade your F5 BIG-IP to a patched version as recommended in the vendor's advisory.
CVE-2018-15322 affects specific versions of F5 BIG-IP ranging from 11.2.1 to 14.0.0-14.0.0.2.
The impact of CVE-2018-15322 allows unauthorized escalation of privileges, potentially compromising the management of the BIG-IP system.
No specific workaround for CVE-2018-15322 is recommended; updating to a secure version is the only solution.