CVE-2019-6620

Published Jul 2, 2019
Last updated 4 years ago
CVSS high 7.2
Overview

Description: On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4 and BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, an undisclosed iControl REST worker vulnerable to command injection for an Administrator user.
Source: f5sirt@f5.com
NVD status: Analyzed
Risk scores

CVSS 3.0

Type: Primary
Base score: 7.2
Impact score: 5.9
Exploitability score: 1.2
Vector string: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-78
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A057B236-8B7C-430D-B107-8FF96D132E73",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D7877E8-E50F-4DC6-867D-C19A8DB533E3",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C22F2CB-FA25-4326-9542-FED6F97262DD",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DA95898-45C0-44D7-B1B7-4D4A9BB92DE4",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33AF102E-2851-45B5-8C71-B393F34D4591",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E4EA2A9-C197-40D4-A6AE-A64D69536F99",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F602F8C-9548-47C4-A15E-FE52FDC37BFA",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8E161C7-38D1-47C8-A71E-E2B0734AAD13",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66FC8C37-629D-4FBA-9C79-615BDDCF7837",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66FCB095-3E70-472A-AB9D-60F001F3A539",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5275F08-E0D0-402D-812C-C72AE26D95BC",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04CBFE91-3C35-4B9C-A83C-9F890461F559",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42EBAE78-C03E-42C9-AC2D-D654A8DF8516",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75D817B1-EC06-4180-B272-067299818B09",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF225E1D-75DB-4E67-93A8-727E3A6F1896",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02B19255-1558-410B-A223-4B13D7CEF92D",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "255D11E3-F502-45CD-8958-5989F179574E",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E72B035F-97C1-41C6-B424-F3929B9D7A99",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9A5F789-854D-4C17-98FE-85EAD8000C09",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F748FCF9-EBD8-46B8-B37A-1B8065255D2D",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10A57948-C53A-4CD0-801B-7E801D08E112",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F367EED9-1F71-4720-BE53-3074FF6049C9",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8AC313F-4776-482C-B8E4-E3993820DA94",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8571BA08-0D43-4C79-94C7-25E23FD6939E",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E4A258E-4F20-4C3C-8269-CD7554539EC6",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A5E9908-C959-48FD-8FAC-C0FE329E6FD8",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1209416-7A72-4B4E-B493-DCB1A04A39E1",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00FD3E2F-2878-46CF-951D-40BA85F596E2",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DA668DC-EFB6-44C3-8521-47BB9F474DD1",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C23EFF81-0FF4-4B4A-BAC3-85EC62230099",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0915E0EA-4DBF-4D42-B533-7CB8674C5D97",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8725B2AB-8AC1-41FE-97E4-1AF55C068AA1",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24904D5C-58FF-49B0-B598-F798BAD110E6",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE11CCA1-58BF-462E-A0DE-49F3BC1C5499",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CCC67AD-46E4-40C5-AEED-C4691C731978",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB96530F-CA8F-45D4-A20B-511A625A03C2",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB112ABE-C07E-480F-8042-6321E602183D",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A751827-1169-408E-BCE6-A129BDDB489D",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF10D9A8-AC97-4864-B7E9-8209983B2489",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE79060F-7B66-410D-847C-9C01E1DAB1D6",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7865E258-CDA0-43A5-9945-81E07BF11A82",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CAECED76-81A2-4A0C-8C2E-24C235BB32DE",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19CF4C32-368F-42B3-B1EE-C59CC12EF745",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA189F4E-231D-443E-AE67-D056BA31020C",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B572C267-AF06-4270-8FDC-18EBDDED7879",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88B12CA1-E853-4898-8A06-F991BE19A27A",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B310516-87E6-453A-82E7-CDDB9F9D5E57",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "663E9E2F-DBB0-4625-BDEB-400CC7A9296D",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19428E8B-18C2-413A-A3C0-AC6AB9F952F2",
            "versionEndIncluding": "11.6.4",
            "versionStartIncluding": "11.5.2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6166E0DB-2BA5-454D-ABBC-9E4916436A44",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "117DFD13-51F9-46E8-B000-3364B7ED8364",
            "versionEndExcluding": "13.1.1.5",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE529031-9C19-4AA3-B0E1-2BF55A548594",
            "versionEndExcluding": "14.1.0.6",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "928A7D30-8099-47B8-A1D2-A4997F54C1C2",
            "versionEndIncluding": "5.4.0",
            "versionStartIncluding": "5.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F37D18F2-8C6A-4557-85DC-2A751595423C",
            "versionEndIncluding": "6.1.0",
            "versionStartIncluding": "6.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
