The BIG-IP Configuration utility may not properly validate file type or contents where uploaded files are allowed in the Access Policy Manager configuration section (uploadImage.php). (CVE-2015-8021)
Impact
An authenticated attacker could upload files to the BIG-IP system.