CVE-2019-6673

Published Nov 27, 2019

Last updated 4 years ago

CVSS high 7.5

Overview

Description: On versions 15.0.0-15.0.1 and 14.0.0-14.1.2, when the BIG-IP is configured in HTTP/2 Full Proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel (TMM).
Source: f5sirt@f5.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCBAF5C1-3761-47BB-AD8E-A55A64D33AF3",
            "versionEndIncluding": "14.1.2",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6A53E3C-3E09-4100-8D5A-10AD4973C230",
            "versionEndIncluding": "15.0.1",
            "versionStartIncluding": "15.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "925049D0-082E-4CED-9996-A55620A220CF",
            "versionEndIncluding": "14.1.2",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCAE28C2-0ADD-4FD0-A520-EFB764164DD8",
            "versionEndIncluding": "15.0.1",
            "versionStartIncluding": "15.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "037C035C-9CFC-4224-8264-6132252D11FD",
            "versionEndIncluding": "14.1.2",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59D9F39B-206B-4E76-A811-1CAA705A60EE",
            "versionEndIncluding": "15.0.1",
            "versionStartIncluding": "15.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE66A673-75EF-4AB3-AD4D-A1E70C7EFB08",
            "versionEndIncluding": "14.1.2",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70099A38-3B84-4C40-8590-BE6C8F7C21A7",
            "versionEndIncluding": "15.0.1",
            "versionStartIncluding": "15.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC39F6EE-478A-4638-B97D-3C25FD318F3D",
            "versionEndIncluding": "14.1.2",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18B5A918-F9AA-4889-94A7-33E6E54CF383",
            "versionEndIncluding": "15.0.1",
            "versionStartIncluding": "15.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "572B1078-60C4-4A71-A0F4-2E2F4FBC4102",
            "versionEndIncluding": "14.1.2",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA3E37E6-64B9-4668-AC01-933711E1C934",
            "versionEndIncluding": "15.0.1",
            "versionStartIncluding": "15.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C95403E8-A078-47E8-9B2F-F572D24C79EF",
            "versionEndIncluding": "14.1.2",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CCD3CF9-EA9D-43FF-8ADA-713B4B5C468E",
            "versionEndIncluding": "15.0.1",
            "versionStartIncluding": "15.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57A92EE2-FFC9-45C9-9454-7DFAB1F7EE11",
            "versionEndIncluding": "14.1.2",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC6612AB-E46B-4A8B-9B3E-C711D8C27962",
            "versionEndIncluding": "15.0.1",
            "versionStartIncluding": "15.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References