← back
CVE-2018-5520

CVE-2018-5520

EPSS 1.1%
On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative user to use the dig utility to gain unauthorized access to file system resources.
Affected products
F5 Networks, Inc. · BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.f5.com/csp/article/K02043709http://www.securitytracker.com/id/1040798