CVE-2019-6664

Published Nov 15, 2019

Last updated 4 years ago

CVSS high 7.5

Overview

Description: On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices.
Source: f5sirt@f5.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A872294-C7E5-497E-9552-D66E9CC2FE29",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1604BEF8-D477-42D7-90C6-94E91CB4795E",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FF1C75A-F753-40CB-9E26-DA6D31931DDC"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69312D88-C3EE-4E1C-8A75-223F768A16F9",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EACA0835-51AD-4AC0-8C87-5564F3A821CD"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD31C9B9-5FA6-4625-BC1A-2F0CABBCE115",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8C7C45A-CC14-4092-903C-3001986D2859"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52F87F8E-8367-4494-901C-307924DDE3EB",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E526C8EB-B685-4DDD-9DF5-88512D2D4662",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA4AE425-1D86-4DB9-8B8F-74C6678BD528"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CBA69D7-13CB-43AB-9CA5-773327444562",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA4F1CFB-0FD9-4AEB-BF25-093115F9D891"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4679F821-AB5A-4AA4-BBEE-F9697239D036",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12F0D363-0DE8-4E32-9187-D7ACA0868BD8"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55D5080C-3A93-4FE1-85DE-97E1932C1C75",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3879431-2E02-4B6C-BB4F-C2FF631A0974"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A53CA87D-1FED-49D5-8165-489E6D2E7CD7",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "616FCF83-B8BD-4EEC-BE2D-4E90DD627A7F",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FB6D7D8-2688-48A2-8E3E-341881EF0B4C"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A953010-C7F4-4315-B357-CE37101AE356",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B872A0D5-9B23-40F2-8AAB-253A4F406D18"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2039B56E-1F28-49AF-B080-A130E61D3C61",
            "versionEndExcluding": "14.1.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45D0AF1B-9106-4C38-B1A2-87FC189ADBAB"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References