F5 Networks BIG-IP : TMUI RCE vulnerability (K52145254)


The Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.(CVE-2020-5902) Impact This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the Configuration utility, through the BIG-IP management port and/or self IPs, to execute arbitrary system commands, create or delete files, disable services, and/or execute arbitrary Java code. This vulnerability may result in complete system compromise. The BIG-IP system in Appliance mode is also vulnerable. This issue is not exposed on the data plane; only the control plane is affected. Note : All information present on an infiltrated system should be considered compromised. This includes, but is not limited to, logs, configurations, credentials, and digital certificates. Important : If your BIG-IP system has TMUI exposed to the Internet and it does not have a fixed version of software installed, there is a high probability that it has been compromised and you should follow your internal incident response procedures. Refer to the Indicatorsof compromise section.