A vulnerability in the BIG-IP AFM Configuration utility may allow any authenticated BIG-IP user to run an SQL injection attack. (CVE-2019-6658)
Impact
An attacker may be able to extract table name enumeration and user account names. All other data available through the injection is already available to an attacker through normal mechanisms.