A local BIG-IQ user with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account password. (CVE-2017-6152)
Impact
This vulnerability allows increased privileges for user accounts with the Access Manager role.