CVE-2019-6651

In BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.5.1-11.6.4, BIG-IQ 7.0.0, 6.0.0-6.1.0,5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, the Configuration utility login page may not follow best security practices when handling a malicious request.

CVSS v3 5.3 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://support.f5.com/csp/article/K89509323	Vendor Advisory
https://support.f5.com/csp/article/K89509323?utm_source=f5support&amp%3Butm_medium=RSS
https://support.f5.com/csp/article/K89509323	Vendor Advisory
https://support.f5.com/csp/article/K89509323?utm_source=f5support&amp%3Butm_medium=RSS

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:::::::*

Configuration 3 (hide)

OR	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:::::::*

Configuration 4 (hide)

OR	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics:15.0.0:::::::*

Configuration 5 (hide)

OR	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:::::::*

Configuration 6 (hide)

OR	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:::::::*

Configuration 7 (hide)

OR	cpe:2.3:a:f5:big-ip_edge_gateway::::::::
	cpe:2.3:a:f5:big-ip_edge_gateway::::::::
	cpe:2.3:a:f5:big-ip_edge_gateway::::::::
	cpe:2.3:a:f5:big-ip_edge_gateway::::::::
	cpe:2.3:a:f5:big-ip_edge_gateway::::::::
	cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:::::::*

Configuration 8 (hide)

OR	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:::::::*

Configuration 9 (hide)

OR	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:::::::*

Configuration 10 (hide)

OR	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller:15.0.0:::::::*

Configuration 11 (hide)

OR	cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
	cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
	cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
	cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
	cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
	cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:::::::*

Configuration 12 (hide)

OR	cpe:2.3:a:f5:big-ip_webaccelerator::::::::
	cpe:2.3:a:f5:big-ip_webaccelerator::::::::
	cpe:2.3:a:f5:big-ip_webaccelerator::::::::
	cpe:2.3:a:f5:big-ip_webaccelerator::::::::
	cpe:2.3:a:f5:big-ip_webaccelerator::::::::
	cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:::::::*

Configuration 13 (hide)

OR	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:::::::*

Configuration 14 (hide)

OR	cpe:2.3:a:f5:big-iq_centralized_management::::::::
	cpe:2.3:a:f5:big-iq_centralized_management::::::::
	cpe:2.3:a:f5:big-iq_centralized_management:7.0.0:::::::*

Configuration 15 (hide)

cpe:2.3:a:f5:iworkflow:2.3.0:*:*:*:*:*:*:*

Configuration 16 (hide)

cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*

History

21 Nov 2024, 04:46

Type	Values Removed	Values Added
References	~~() https://support.f5.com/csp/article/K89509323 - Vendor Advisory~~	() https://support.f5.com/csp/article/K89509323 - Vendor Advisory
References	~~() https://support.f5.com/csp/article/K89509323?utm_source=f5support&amp%3Butm_medium=RSS -~~	() https://support.f5.com/csp/article/K89509323?utm_source=f5support&amp%3Butm_medium=RSS -

Information

Published : 2019-09-25 18:15

Updated : 2024-11-21 04:46

NVD link : CVE-2019-6651

Mitre link : CVE-2019-6651

CVE.ORG link : CVE-2019-6651

JSON object : View

Products Affected

big-ip_advanced_firewall_manager
big-ip_analytics
big-ip_application_acceleration_manager
big-ip_fraud_protection_service
big-ip_link_controller
big-ip_access_policy_manager
big-ip_global_traffic_manager
big-ip_application_security_manager
big-ip_domain_name_system
big-iq_centralized_management
big-ip_local_traffic_manager
iworkflow
enterprise_manager
big-ip_webaccelerator
big-ip_policy_enforcement_manager
big-ip_edge_gateway

CWE

CWE-203

Observable Discrepancy

{"id": "CVE-2019-6651", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2019-09-25T18:15:13.307", "references": [{"url": "https://support.f5.com/csp/article/K89509323", "tags": ["Vendor Advisory"], "source": "f5sirt@f5.com"}, {"url": "https://support.f5.com/csp/article/K89509323?utm_source=f5support&amp%3Butm_medium=RSS", "source": "f5sirt@f5.com"}, {"url": "https://support.f5.com/csp/article/K89509323", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.f5.com/csp/article/K89509323?utm_source=f5support&amp%3Butm_medium=RSS", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-203"}]}], "descriptions": [{"lang": "en", "value": "In BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.5.1-11.6.4, BIG-IQ 7.0.0, 6.0.0-6.1.0,5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, the Configuration utility login page may not follow best security practices when handling a malicious request."}, {"lang": "es", "value": "En BIG-IP versiones 15.0.0, 14.1.0 hasta 14.1.0.6, 14.0.0 hasta 14.0.0.5, 13.0.0 hasta 13.1.1.5, 12.1.0 hasta 12.1.4.1, 11.5.1 hasta 11.6.4, BIG-IQ versiones 7.0.0, 6.0.0 hasta 6.1.0, 5.2.0 hasta 5.4.0, iWorkflow versi\u00f3n 2.3.0 y Enterprise Manager versi\u00f3n 3.1.1, la p\u00e1gina de inicio de sesi\u00f3n de la utilidad de Configuraci\u00f3n puede no seguir las mejores pr\u00e1cticas de seguridad al manejar una petici\u00f3n maliciosa."}], "lastModified": "2024-11-21T04:46:53.120", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "234289D9-B83D-4AAC-B8AD-E6CDD0404C20", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56D0EC5E-B613-4CAE-BF1A-94B9CE360892", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD46FE2F-5AFC-41E9-B0B3-5C7B060D1769", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C1090DE-95C8-4F75-8C52-C4CDCFD344C8", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F890036E-F382-48C5-A53D-0BC46357C66A", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FB6D7D8-2688-48A2-8E3E-341881EF0B4C"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDED361F-50F0-40CE-9927-A7275EA9D6B3", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B8AB93E-1D41-478F-BCAD-4A2D83E6F5DA", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB203313-0A75-44E6-B0ED-311AB89F7F9A", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "633C15F8-71C3-4D6F-8121-2B7588DD8252", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53A1FEF6-6445-43C7-ABD2-BB9943661CE8", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FF1C75A-F753-40CB-9E26-DA6D31931DDC"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEC07719-850B-4956-ABC3-1B6CFA7DC0B1", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A48B5AB-6882-471B-ABB8-4EDEFD253158", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE31266E-FC9D-4AF7-97AC-BA797FB66ACC", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A36BB987-3E3C-4F8F-869E-09E1A95F211E", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E72DC66B-A5C7-40F8-BD1A-5D326C98AA77", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8C7C45A-CC14-4092-903C-3001986D2859"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECF0B01D-4AFE-4399-A819-C78FA5F1A184", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B52E2155-0F38-443C-9339-B6D9276BD76C", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "630C36C6-AE5A-4D72-9BEE-420484A73A75", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33A5175D-871F-4BB7-90B0-59A206437493", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43A637D4-C424-42F7-BF1D-FB16FD2C01D0", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EACA0835-51AD-4AC0-8C87-5564F3A821CD"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "419FF59A-CADF-4A09-A1AF-02AD29BBD981", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "978262C0-E7B8-468F-AA0D-0B5D0D8032B8", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3B2FBBC-03B9-4915-BCC8-6D64E56D1F27", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2542D743-D743-4036-AA17-D08174A2E226", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1F6B56D-FECA-43E8-A33F-1A187E6C1919", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A2B2FEE-8FCF-4AB7-8E35-762BA8A68A8A", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "434B9357-1FED-4F23-B494-873CCAD18EA4", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45A94ADE-1F7C-4817-A1D7-F5AA57FFB91C", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53D10F64-073A-4094-A3AA-7943E8A6C883", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49FAC4A8-09E6-452A-9934-0C0C98B2EC00", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F9BE633-C48F-432B-BCE2-C426B7A72153", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "459FF42F-598D-435A-B043-636E81FBF82D", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAC5A1B9-AD34-4BF6-86BD-C36BC838B665", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA8F52C5-5827-43EA-B812-7FF643AE582E", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F753CBB4-9D65-4E6A-A741-19EFDF9E7791", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA4F1CFB-0FD9-4AEB-BF25-093115F9D891"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A1001A5-0821-40CF-BECA-990A1BB22ED8", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A70C780-FEA3-4105-ACFA-86563BA532EF", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5589A836-E970-4F04-8940-AC6899FE665F", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4292537B-53B6-4D0F-8E69-1A7F1ABF3C2F", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB0E61DA-03C3-47CF-A83B-AAC2256EFC66", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12F0D363-0DE8-4E32-9187-D7ACA0868BD8"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2DEF575-10A6-43EF-AFDA-BEAE4EFEA518", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D2300C8-7B5D-4B8F-B3A4-9951CF92DE80", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E237EBC3-AD34-4C64-8E8C-27A884E30516", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8562C127-C750-451D-B2F3-E42C0392BE0A", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C93996F-AFC5-4024-82C1-DD92ECE5DD59", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3879431-2E02-4B6C-BB4F-C2FF631A0974"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D05AF4CB-84F8-4F10-9D57-793BA29D39FB", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7ACFEBB4-A25C-4BBB-B26A-F48DD6431FBD", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0507B689-9F29-4522-834D-06C81BB3FB93", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F294F97A-94CF-450D-BDB0-AA2D546C75F8", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF5AF38E-FF64-404A-BB60-E4CC83C1CA3D", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA2F4E11-28BF-413E-8061-14D408F44C3B", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6BA7C53-5BBB-45F5-8A61-C44CDB673B52", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AB0EBA8-63EB-41DC-A044-B91F4F85DC2D", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C481587-2B8A-46C1-BCF0-1C8C31FB9722", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED951F66-7FB1-4F13-A886-044EC4A3D39E", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B872A0D5-9B23-40F2-8AAB-253A4F406D18"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F093D46E-5A0B-4514-9E7B-C701FBA81A57", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CA4DEBE-A24D-4A56-90A6-FADF22123036", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9C19543-9082-4FCE-8AC5-52F249E02FB8", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7559EF53-6097-40D2-BBE2-5CB59F6E4FDA", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDCAEC2B-F429-4EE9-BC72-993A7FCCFD32", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45D0AF1B-9106-4C38-B1A2-87FC189ADBAB"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8483666C-1D94-47F9-96C4-294A3D452916", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6483DA57-692E-46D7-BF45-CD5B7A507644", "versionEndIncluding": "12.1.4.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C09C8A9-F1B4-46FD-8D31-62D86E834B67", "versionEndIncluding": "13.1.1.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAE403DD-C8AD-4B27-98C7-B0E0D3904A3B", "versionEndIncluding": "14.0.0.5", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A47F8411-36A4-4B09-AF40-75E7ACF23B9F", "versionEndIncluding": "14.1.0.6", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA4AE425-1D86-4DB9-8B8F-74C6678BD528"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14A4E46D-F0DB-4201-9102-EC89FACBE780", "versionEndIncluding": "5.4.0", "versionStartIncluding": "5.2.0"}, {"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F37D18F2-8C6A-4557-85DC-2A751595423C", "versionEndIncluding": "6.1.0", "versionStartIncluding": "6.0.0"}, {"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:7.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B589C35-55F2-4D40-B5A6-8267EE20D627"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:iworkflow:2.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3CE7526-9630-48EF-81FB-44904AF0653F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040"}], "operator": "OR"}]}], "sourceIdentifier": "f5sirt@f5.com"}

5.3 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2019-6651

5.3^/10

5.0^/10

Attach tags to `CVE-2019-6651`