QID 375668

F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.
F5 BIG-IP (LTM) Local Traffic Manager is the most popular module offered on F5 Networks BIG-IP platform. The real power of the LTM is it is a Full Proxy, allowing you to augment client and server side connections. All while making informed load balancing decisions on availability, performance, and persistence.
F5 BIG-IP Access Policy Manager (APM) is a secure, flexible, high-performance solution that provides unified global access to your network, cloud, and applications.

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a better zip bomb issue. (CVE-2019-13232)

Vulnerable Component: BIG-IP ASM, APM,LTM

Affected Versions:
15.0.0 - 15.0.1
14.0.0 - 14.1.4
13.1.0 - 13.1.4
12.1.0 - 12.1.6

QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

Local users with administrative access to the BIG-IP Advanced Shell (bash) may be able to perform a resource-consumption denial-of-service (DoS) attack. This attack can only be exploited by uncompressing a ZIP file using the zip or unzip utility from the command line or by a user-generated script. No F5 scripts or utilities call these programs to unpack a ZIP archive.