Authenticated users with the ability to upload files (via scp, for example) can escalate their privileges to allow root shell access from within the TMOS Shell (tmsh) interface. Thetmshinterface allows users to execute a secondary program via tools likesftporscp. (CVE-2019-6642)
Impact
BIG-IP, BIG-IQ, F5 iWorkflow, and Enterprise Manager
The affected systems are incidentally protected against direct access to the Advanced Shell (bash); however, users who can upload an executable file (or script) can bypass this protection.
Traffix SDC
There is no impact for this product as it is not affected by this vulnerability.