Vulnerability CVE-2019-6631


Published: 2019-07-03

Description:
On BIG-IP 11.5.1-11.6.4, iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs.

Type: CWE-20 (Improper Input Validation)

Vendor: F5
Product: Big-ip domain name system 
Version:
11.6.4
11.6.3.4
11.6.3.3
11.6.3.2
11.6.3.1
11.6.3
11.6.2
11.6.1
11.6.0
See more versions on NVD
Product: Big-ip edge gateway 
Version:
11.6.4
11.6.3.4
11.6.3.3
11.6.3.2
11.6.3.1
11.6.3
11.6.2
11.6.1
See more versions on NVD
Product: Big-ip global traffic manager 
Version:
11.6.4
11.6.3.4
11.6.3.3
11.6.3.2
11.6.3.1
11.6.3
11.6.2
11.6.1
See more versions on NVD
Product: Big-ip link controller 
Version:
11.6.4
11.6.3.4
11.6.3.3
11.6.3.2
11.6.3.1
11.6.3
11.6.2
11.6.1
See more versions on NVD
Product: Big-ip local traffic manager 
Version:
11.6.4
11.6.3.4
11.6.3.3
11.6.3.2
11.6.3.1
11.6.3
11.6.2
11.6.1
See more versions on NVD
Product: Big-ip policy enforcement manager 
Version:
11.6.4
11.6.3.4
11.6.3.3
11.6.3.2
11.6.3.1
11.6.3
11.6.2
11.6.1
See more versions on NVD
Product: Big-ip access policy manager 
Version:
11.6.4
11.6.3.4
11.6.3.3
11.6.3.2
11.6.3.1
11.6.3
11.6.2
11.6.1
See more versions on NVD
Product: Big-ip webaccelerator 
Version:
11.6.4
11.6.3.4
11.6.3.3
11.6.3.2
11.6.3.1
11.6.3
11.6.2
11.6.1
See more versions on NVD
Product: Big-ip advanced firewall manager 
Version:
11.6.4
11.6.3.4
11.6.3.3
11.6.3.2
11.6.3.1
11.6.3
11.6.2
11.6.1
See more versions on NVD
Product: Big-ip analytics 
Version:
11.6.4
11.6.3.4
11.6.3.3
11.6.3.2
11.6.3.1
11.6.3
11.6.2
11.6.1
See more versions on NVD
Product: Big-ip application acceleration manager 
Version:
11.6.4
11.6.3.4
11.6.3.3
11.6.3.2
11.6.3.1
11.6.3
11.6.2
11.6.1
11.6.0
See more versions on NVD
Product: Big-ip application security manager 
Version:
11.6.4
11.6.3.4
11.6.3.3
11.6.3.2
11.6.3.1
11.6.3
11.6.2
11.6.1
11.6.0
See more versions on NVD
Product: Big-ip websafe 
Version:
11.6.1

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

References:
http://www.securityfocus.com/bid/109119
https://support.f5.com/csp/article/K19501795

Related CVE
CVE-2019-6659
On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages.
CVE-2019-6660
On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service.
CVE-2019-6661
When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources.
CVE-2019-6662
On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data.
CVE-2019-6664
On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices.
CVE-2019-6656
BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs the full APM session ID in the log files. Vulnerable versions of the client are bundled with BIG-IP APM versions 15.0.0-15.0.1, 14.1.0-14.1.0.6, 14.0.0-14.0.0.4, 13.0.0-13.1.1.5, 12...
CVE-2019-6655
On versions 13.0.0-13.1.0.1, 12.1.0-12.1.4.1, 11.6.1-11.6.4, and 11.5.1-11.5.9, BIG-IP platforms where AVR, ASM, APM, PEM, AFM, and/or AAM is provisioned may leak sensitive data.
CVE-2019-6654
On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (As defined in RFC 1812 section 5.3.7) on the control plane (management interface). This may allow attackers on a...

Copyright 2019, cxsecurity.com