CVE-2019-6606

Published Mar 28, 2019
Last updated 4 years ago
CVSS medium 4.3
Overview

Description: On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory.
Source: f5sirt@f5.com
NVD status: Analyzed
Risk scores

CVSS 3.0

Type: Primary
Base score: 4.3
Impact score: 1.4
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:N/I:N/A:P
Weaknesses

nvd@nist.gov: CWE-401
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADF272B0-259D-4913-95AE-8621A3766FB0",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64B57535-53C6-44FC-815D-531F3FB4797E",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A33F717-7779-4998-B7D0-FEAD57F918EC",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8703B033-3A20-47A0-82DA-3ABC7578DFBB",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBC6246F-635B-45F4-ACF1-CBEF25FEB2DF",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89F0F227-3865-442E-8FC5-282DEA1FC528",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A38AE898-8C76-4CF6-A79B-973D2CF756DE",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDDA13E3-2F05-447F-9F03-63A1BFEC904B",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26A1FB10-2614-4A8B-B31C-69E90EBB6EBB",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D93B9D87-0EB8-4011-A106-4F835639EE70",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "056366BD-1F72-4DAF-8C0A-7B5C15054C8D",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87AF9718-1B10-475C-B596-64A553C8502C",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AF42EB5-FEB7-455B-A426-9084493A7606",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "579E04C5-EDD5-457A-ADEE-9E3B7E2F17A4",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7F21417-F817-462C-8CD8-E64623D45B9B",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2CE084F-4A02-4BFE-AE40-2AC12EC1616B",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECA81A2E-33BE-45A5-8148-1DF189FC9879",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D09A0C39-32DF-4607-8712-8937CC6AF60A",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4987B39-619F-4599-8740-98358B6DDDF9",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63DBD5C1-EF87-43F5-A319-304D6C1849D2",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29E6014A-CA29-408A-A7B2-13FBFD0694A8",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E2985B9-6EC3-4611-98EB-CAD506CA8A99",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB5D0E6B-7DB1-48F3-A1AE-2AC7B5EF778B",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E08A936-5CB0-44D3-89B8-F768CD8AD264",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E80D9241-E826-4E4B-B4CD-D81B149AFAE1",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF9BF9FD-3FFE-4185-A089-89100C0A446C",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95A324A2-741F-497E-AA95-6A737FE9633E",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D6D7537-A296-435B-AAC4-B12D5BCA8124",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "918D80CC-E31A-42B5-A1A8-55189FE841FE",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "326EB203-8816-4091-96EF-70F4DBFBDD6D",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE90FC3A-C0B4-4CFA-80A3-929871381613",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B88D9922-D4A3-4002-BCA6-B1BC926A8672",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "328B0CE8-4609-4D5F-981F-FB6C24E43730",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C81CBDB8-86A5-4A48-A7E1-F9B5239B6EAC",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B85D8D4F-8C69-4409-8561-F1621855B7FB",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "007DDA3E-BAE5-4EC7-BECA-AB87CFEA1E87",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1A16FC6-73F3-4D95-99A2-CAD5C3F7BD71",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13FD61C2-B588-415F-9E0D-C47D74D919A0",
            "versionEndIncluding": "11.6.3.4",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "768D6729-24D0-47C5-A905-9AF1E5ACBE85",
            "versionEndIncluding": "12.1.3.7",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52ABEB1F-5C4E-4CEE-8852-4D664BC320E6",
            "versionEndIncluding": "13.1.1.3",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4D3A77A-89E0-44DF-AA5B-EDEBCBB63060",
            "versionEndIncluding": "14.0.0.2",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
