CVE-2019-6644

Published Sep 4, 2019
Last updated 4 years ago
CVSS critical 9.4
Overview

Description: Similar to the issue identified in CVE-2018-12120, on versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, and 12.1.0-12.1.4 BIG-IP will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized users if the plugin is left in debug mode and the port is accessible.
Source: f5sirt@f5.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 9.4
Impact score: 5.5
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Severity: CRITICAL
CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD178DE9-510D-4CCD-81C8-59CEB93DC4CF",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B963FD8C-76B4-4B7B-B216-8BF72A3FA039",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E734E1C-A92F-4394-8F33-4429161BE47C"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A724B2F3-E3FA-456F-9581-0213358B654C"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F389C5E-72D8-4A75-875A-D088DCADCBE1",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9800D8A8-9156-4612-B74B-E00FEC747E5B",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1FDA72E-991D-4451-9C8E-E738F4D12728"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4BFA5B4-AFC0-4E4C-A4E7-ED7BFDC3411F"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "97E22AC0-75DC-466D-B066-AD5DAB41DD68",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C118E89F-CC6C-4426-8E9F-715551E04A30",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "292EC144-CBA2-4275-9F70-4ED65A505B39"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22FF4312-2711-4526-B604-796E637139E9"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28593776-BE84-432C-AB66-4CF105FCB6CF",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3066A110-328A-40D6-AECC-A9CA07D7039E",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "622C877B-760A-4C50-9FDF-998C010B864E"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3F5F2BF-708F-40F6-9BD0-4779DE9A1785"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "97B76447-55EC-43ED-88C5-FD3A0C3D60CA",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7094F0F8-3CCD-4D32-B07E-F05EF6A127DE",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44E8F4B6-ACF1-4F2C-A2A4-DF7382CCE628"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25DAD24A-2D43-498E-BC43-183B669EA1FD"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51FCCD73-3448-4FE5-A9CB-9EA03CF56A23",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8823CE34-0D6D-48E8-A1D4-B09A3F9447E9",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80509490-50DA-42F8-8A4A-A6F6B95649BA"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "907FEE11-DF3B-4BE7-9BAE-5F6BE20E469D"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41C1B762-CC39-4027-85AA-7491F28F3286",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "487B7EC1-3864-41AF-963A-9A156E404972",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB76D898-4C7C-40E9-8539-E2A1BC7A5A66"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D185434C-67FE-4CD6-A139-BA2FCC9F8878"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DC8CD9E-8404-4429-A343-30CD2FC10F3C",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C940F821-CEF1-4EFA-9FBF-3DB58FDB4C73",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86D68F26-EF89-4016-BD3A-637951752AAA"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1013320D-D0EE-461E-AF90-049F82AC910E"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "262803BC-D86A-4883-869A-D5B721ABA997",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "203ED650-D4D0-414C-AAC7-AD61F78CF8A0",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADAD6E9A-F8B5-4B2D-B687-AEAB518B8F19"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BF46DCE-2603-4E61-87B8-352FF4111567"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85942235-FE85-4AE7-A549-BDF033C16C21",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D833D6A0-7B62-4EC2-8FEC-79F1617D8341",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23E592A7-B530-4932-A81D-D1B9ABD64047"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71666E6B-8615-4D7B-9A7B-2F6D048FE086"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B75E8C12-7F03-4C2F-8523-B9206E00DB35",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "477AD9C8-D7F5-48E7-8593-1BB57165D8BB",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CF10213-FBE4-47A5-8EF2-B45BF15BEB6D"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BDE4D90-5AE4-4183-997E-188FF17D497E"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA8B630C-D97F-4EFA-889A-9156C16139CB",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "536DE931-48EB-4CC8-BAD5-911B7BB3E926",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5A85C15-B821-4992-9B06-45767E7467D2"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE8EBE1A-2E66-4E40-8A11-8B6D21914E5F"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C25287F-27A7-4DE3-9ECC-BF4EFD9C7501",
            "versionEndIncluding": "12.1.4",
            "versionStartIncluding": "12.1.3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F2DDCEE-2840-43D0-896E-6456A7AE3897",
            "versionEndIncluding": "13.1.2",
            "versionStartIncluding": "13.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:14.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7BBEC67-BD2E-49D5-8294-977D975D98D0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C529A4BA-F1B7-4297-A9CC-2FF0EB2CB5AC"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
