When an authenticated administrative user installs RPMs using the iAppsLX REST installer, the BIG-IP system does not sufficiently validate user input, allowing the user read access to the filesystem. (CVE-2020-27727)
Impact
An attacker can exploit this vulnerability as an authenticated administrative user to get read-only access as root user to the filesystem on the BIG-IP system.