CVE-2019-6644

2019-09-04T17:15:00
ID CVE-2019-6644
Type cve
Reporter cve@mitre.org
Modified 2019-09-09T17:04:00

Description

Similar to the issue identified in CVE-2018-12120, on versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, and 12.1.0-12.1.4 BIG-IP will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized users if the plugin is left in debug mode and the port is accessible.