Vulnerability CVE-2019-6641


Published: 2019-07-03

Description:
On BIG-IP 12.1.0-12.1.4.1, undisclosed requests can cause iControl REST processes to crash. The attack can only come from an authenticated user; all roles are capable of performing the attack. Unauthenticated users cannot perform this attack.

Type:

CWE-20

(Improper Input Validation)

Vendor: F5
Product: Big-ip edge gateway 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
See more versions on NVD
Product: Big-ip domain name system 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
See more versions on NVD
Product: Big-ip application security manager 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
See more versions on NVD
Product: Big-ip application acceleration manager 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
12.1.3.1
See more versions on NVD
Product: Big-ip analytics 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
12.1.3.1
See more versions on NVD
Product: Big-ip advanced firewall manager 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
12.1.3.1
See more versions on NVD
Product: Big-ip access policy manager 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
12.1.3.1
See more versions on NVD
Product: Big-ip webaccelerator 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
12.1.3.1
See more versions on NVD
Product: Big-ip policy enforcement manager 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
12.1.3.1
See more versions on NVD
Product: Big-ip local traffic manager 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
12.1.3.1
See more versions on NVD
Product: Big-ip link controller 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
12.1.3.1
See more versions on NVD
Product: Big-ip global traffic manager 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
12.1.3.1
See more versions on NVD
Product: Big-ip fraud protection service 
Version:
12.1.4
12.1.3.7
12.1.3.6
12.1.3.5
12.1.3.4
12.1.3.3
12.1.3.2
See more versions on NVD

CVSS2 => (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://www.securityfocus.com/bid/109060
https://support.f5.com/csp/article/K22384173

Related CVE
CVE-2019-6646
On BIG-IP 11.5.2-11.6.4 and Enterprise Manager 3.1.1, REST users with guest privileges may be able to escalate their privileges and run commands with admin privileges.
CVE-2019-6643
On versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, and 11.5.2-11.6.4, an attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause the TMM pr...
CVE-2019-6648
On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service (CIS) for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) log files may contain BIG-IP secrets such as SSL Private Keys and Private key Passphrases as provided as inputs by ...
CVE-2019-6647
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, when processing authentication attempts for control-plane users MCPD leaks a small amount of memory. Under rare conditions attackers with access to the managem...
CVE-2019-6645
On BIG-IP 14.0.0-14.1.0.5, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, FTP traffic passing through a Virtual Server with both an active FTP profile associated and connection mirroring configured may lead to a TMM crash causing the configured HA ac...
CVE-2019-6644
Similar to the issue identified in CVE-2018-12120, on versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, and 12.1.0-12.1.4 BIG-IP will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized user...
CVE-2019-6640
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, SNMP exposes sensitive configuration objects over insecure transmission channels. This issue is exposed when a passphrase is inserted into...
CVE-2019-6639
On BIG-IP (AFM, PEM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, an undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting (XSS) issue. Th...

Copyright 2019, cxsecurity.com

 

Back to Top