F5 BIG-IP DNS TMOS Shell Command Vulnerability Allowing Sensitive Information Disclosure

Vulnerability

A vulnerability exists in an undisclosed TMOS Shell (tmsh) command when BIG-IP DNS is provisioned. It may allow a highly privileged authenticated attacker to access sensitive information. Affected versions include BIG-IP DNS 16.1.0 to 16.1.6, 17.1.0 to 17.1.3, and 17.5.0 to 17.5.1. Vulnerable components include the TMOS Shell (tmsh) command line interface.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information, such as cleartext passwords, which are displayed in the tmsh command line history output and the audit log. The audit log is accessible by default to users with Auditor, Log Administrator, Resource Administrator, and Administrator roles.

Remediation

Users can upgrade to BIG-IP DNS version 21.0.0 or, for the 17.x branch, version 17.5.1.4. No update candidate currently exists for the 16.x branch, so users on 16.x are advised to upgrade to a version that contains the fix. After upgrading, secure BIG-IP and external logging systems, because internal audit logs and tmsh command line history may still contain cleartext passwords. If the vulnerability is exploited by a trusted user, consider removing their access.

Added: May 13, 2026, 8:04 PM
Updated: May 13, 2026, 8:04 PM

Vulnerability Rating

Custom Algorithm
spread: 1.0
impact: 2.5
exploitability: 5.4
remediation: 8.3
relevance: 8.3
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.