When the BIG-IP system is licensed with Appliance mode, user accounts with Administrator and Resource Administrator roles can bypass Appliance mode restrictions. (CVE-2019-6633)
Impact
This vulnerability allows the attacker to exploit the system with high-level privileges to read and modify the arbitrary files. This behavior is possible only when the BIG-IP system runs in Appliance mode and the user account is configured with the Administrator or Resource Administrator role. The Resource Administrator role requires TMOS Shell (tmsh) access to be vulnerable. Appliance mode is a licensed feature on the BIG-IP product.