The dcdb_convert utility used by BIG-IP AAM fails to drop group permissions when executing helper scripts, which could be used to leverage attacks against the BIG-IP system. (CVE-2018-15331)
Impact
This issue does not have a direct exploit, but may be used to leverage attacks against the BIG-IP system by way of the AAM module.
Thedcdb_convertbinary is typically run manually to update the capabilities database. The risk of exploitation is from downloading a malformed capabilities database, which includes an exploit and running it through the dcdb_convert utility.