Search...

CVE-2019-6688

2019-12-23T18:15:00

ID CVE-2019-6688
Type cve
Reporter cve@mitre.org
Modified 2020-08-24T17:37:00

Description

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5 and BIG-IQ versions 6.0.0-6.1.0 and 5.2.0-5.4.0, a user is able to obtain the secret that was being used to encrypt a BIG-IP UCS backup file while sending SNMP query to the BIG-IP or BIG-IQ system, however the user can not access to the UCS files.

JSON Vulners Source

Initial Source

{"id": "CVE-2019-6688", "bulletinFamily": "NVD", "title": "CVE-2019-6688", "description": "On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5 and BIG-IQ versions 6.0.0-6.1.0 and 5.2.0-5.4.0, a user is able to obtain the secret that was being used to encrypt a BIG-IP UCS backup file while sending SNMP query to the BIG-IP or BIG-IQ system, however the user can not access to the UCS files.", "published": "2019-12-23T18:15:00", "modified": "2020-08-24T17:37:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6688", "reporter": "cve@mitre.org", "references": ["https://support.f5.com/csp/article/K25607522"], "cvelist": ["CVE-2019-6688"], "type": "cve", "lastseen": "2020-12-09T21:41:56", "edition": 16, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K25607522"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL25607522.NASL"]}], "modified": "2020-12-09T21:41:56", "rev": 2}, "score": {"value": 3.5, "vector": "NONE", "modified": "2020-12-09T21:41:56", "rev": 2}, "vulnersScore": 3.5}, "cpe": ["cpe:/a:f5:big-ip_fraud_protection_service:12.1.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.5", "cpe:/a:f5:big-ip_access_policy_manager:12.1.5", "cpe:/a:f5:big-ip_domain_name_system:12.1.5", "cpe:/a:f5:big-ip_link_controller:12.1.5", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.5", "cpe:/a:f5:big-ip_webaccelerator:12.1.5", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.5", "cpe:/a:f5:big-iq_centralized_management:6.1.0", "cpe:/a:f5:big-ip_application_security_manager:12.1.5", "cpe:/a:f5:big-iq_centralized_management:5.4.0", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.5", "cpe:/a:f5:big-ip_analytics:12.1.5", "cpe:/a:f5:big-ip_edge_gateway:12.1.5", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.5"], "affectedSoftware": [{"cpeName": "f5:big-ip_application_acceleration_manager", "name": "f5 big-ip application acceleration manager", "operator": "lt", "version": "11.6.5.1"}, {"cpeName": "f5:big-ip_analytics", "name": "f5 big-ip analytics", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_application_security_manager", "name": "f5 big-ip application security manager", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_webaccelerator", "name": "f5 big-ip webaccelerator", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_policy_enforcement_manager", "name": "f5 big-ip policy enforcement manager", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_access_policy_manager", "name": "f5 big-ip access policy manager", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_policy_enforcement_manager", "name": "f5 big-ip policy enforcement manager", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_domain_name_system", "name": "f5 big-ip domain name system", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-ip_policy_enforcement_manager", "name": "f5 big-ip policy enforcement manager", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_local_traffic_manager", "name": "f5 big-ip local traffic manager", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_access_policy_manager", "name": "f5 big-ip access policy manager", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_domain_name_system", "name": "f5 big-ip domain name system", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_local_traffic_manager", "name": "f5 big-ip local traffic manager", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_application_acceleration_manager", "name": "f5 big-ip application acceleration manager", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_global_traffic_manager", "name": "f5 big-ip global traffic manager", "operator": "lt", "version": "11.6.5.1"}, {"cpeName": "f5:big-ip_application_security_manager", "name": "f5 big-ip application security manager", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_advanced_firewall_manager", "name": "f5 big-ip advanced firewall manager", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_application_security_manager", "name": "f5 big-ip application security manager", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_advanced_firewall_manager", "name": "f5 big-ip advanced firewall manager", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_fraud_protection_service", "name": "f5 big-ip fraud protection service", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_webaccelerator", "name": "f5 big-ip webaccelerator", "operator": "lt", "version": "11.6.5.1"}, {"cpeName": "f5:big-ip_link_controller", "name": "f5 big-ip link controller", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_domain_name_system", "name": "f5 big-ip domain name system", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_local_traffic_manager", "name": "f5 big-ip local traffic manager", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_policy_enforcement_manager", "name": "f5 big-ip policy enforcement manager", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_access_policy_manager", "name": "f5 big-ip access policy manager", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_application_security_manager", "name": "f5 big-ip application security manager", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_edge_gateway", "name": "f5 big-ip edge gateway", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_application_security_manager", "name": "f5 big-ip application security manager", "operator": "lt", "version": "11.6.5.1"}, {"cpeName": "f5:big-ip_link_controller", "name": "f5 big-ip link controller", "operator": "lt", "version": "11.6.5.1"}, {"cpeName": "f5:big-ip_link_controller", "name": "f5 big-ip link controller", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_access_policy_manager", "name": "f5 big-ip access policy manager", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-ip_link_controller", "name": "f5 big-ip link controller", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_application_security_manager", "name": "f5 big-ip application security manager", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-ip_edge_gateway", "name": "f5 big-ip edge gateway", "operator": "lt", "version": "11.6.5.1"}, {"cpeName": "f5:big-ip_advanced_firewall_manager", "name": "f5 big-ip advanced firewall manager", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-ip_analytics", "name": "f5 big-ip analytics", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-ip_application_acceleration_manager", "name": "f5 big-ip application acceleration manager", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-ip_domain_name_system", "name": "f5 big-ip domain name system", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_policy_enforcement_manager", "name": "f5 big-ip policy enforcement manager", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-iq_centralized_management", "name": "f5 big-iq centralized management", "operator": "le", "version": "5.4.0"}, {"cpeName": "f5:big-ip_edge_gateway", "name": "f5 big-ip edge gateway", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_webaccelerator", "name": "f5 big-ip webaccelerator", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_analytics", "name": "f5 big-ip analytics", "operator": "lt", "version": "11.6.5.1"}, {"cpeName": "f5:big-ip_global_traffic_manager", "name": "f5 big-ip global traffic manager", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_edge_gateway", "name": "f5 big-ip edge gateway", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_advanced_firewall_manager", "name": "f5 big-ip advanced firewall manager", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_analytics", "name": "f5 big-ip analytics", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_fraud_protection_service", "name": "f5 big-ip fraud protection service", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-iq_centralized_management", "name": "f5 big-iq centralized management", "operator": "le", "version": "6.1.0"}, {"cpeName": "f5:big-ip_global_traffic_manager", "name": "f5 big-ip global traffic manager", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_link_controller", "name": "f5 big-ip link controller", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-ip_webaccelerator", "name": "f5 big-ip webaccelerator", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_analytics", "name": "f5 big-ip analytics", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_fraud_protection_service", "name": "f5 big-ip fraud protection service", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_domain_name_system", "name": "f5 big-ip domain name system", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_webaccelerator", "name": "f5 big-ip webaccelerator", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-ip_fraud_protection_service", "name": "f5 big-ip fraud protection service", "operator": "lt", "version": "11.6.5.1"}, {"cpeName": "f5:big-ip_fraud_protection_service", "name": "f5 big-ip fraud protection service", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_global_traffic_manager", "name": "f5 big-ip global traffic manager", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_application_acceleration_manager", "name": "f5 big-ip application acceleration manager", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_access_policy_manager", "name": "f5 big-ip access policy manager", "operator": "lt", "version": "11.6.5.1"}, {"cpeName": "f5:big-ip_fraud_protection_service", "name": "f5 big-ip fraud protection service", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_local_traffic_manager", "name": "f5 big-ip local traffic manager", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_application_acceleration_manager", "name": "f5 big-ip application acceleration manager", "operator": "lt", "version": "14.1.2.3"}, {"cpeName": "f5:big-ip_domain_name_system", "name": "f5 big-ip domain name system", "operator": "lt", "version": "11.6.5.1"}, {"cpeName": "f5:big-ip_policy_enforcement_manager", "name": "f5 big-ip policy enforcement manager", "operator": "lt", "version": "11.6.5.1"}, {"cpeName": "f5:big-ip_application_acceleration_manager", "name": "f5 big-ip application acceleration manager", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_edge_gateway", "name": "f5 big-ip edge gateway", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-ip_webaccelerator", "name": "f5 big-ip webaccelerator", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_edge_gateway", "name": "f5 big-ip edge gateway", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_global_traffic_manager", "name": "f5 big-ip global traffic manager", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-ip_local_traffic_manager", "name": "f5 big-ip local traffic manager", "operator": "lt", "version": "11.6.5.1"}, {"cpeName": "f5:big-ip_global_traffic_manager", "name": "f5 big-ip global traffic manager", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_local_traffic_manager", "name": "f5 big-ip local traffic manager", "operator": "lt", "version": "15.1.0"}, {"cpeName": "f5:big-ip_analytics", "name": "f5 big-ip analytics", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_advanced_firewall_manager", "name": "f5 big-ip advanced firewall manager", "operator": "lt", "version": "13.1.3.2"}, {"cpeName": "f5:big-ip_link_controller", "name": "f5 big-ip link controller", "operator": "le", "version": "12.1.5"}, {"cpeName": "f5:big-ip_access_policy_manager", "name": "f5 big-ip access policy manager", "operator": "lt", "version": "14.0.1.1"}, {"cpeName": "f5:big-ip_advanced_firewall_manager", "name": "f5 big-ip advanced firewall manager", "operator": "lt", "version": "11.6.5.1"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4}, "cpe23": ["cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_edge_gateway:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-iq_centralized_management:6.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_webaccelerator:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-iq_centralized_management:5.4.0:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-noinfo"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.5:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.5", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:15.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "15.1.0", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.2.3:*:*:*:*:*:*:*", "versionEndExcluding": "14.1.2.3", "versionStartIncluding": "14.1.0", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-iq_centralized_management:5.4.0:*:*:*:*:*:*:*", "versionEndIncluding": "5.4.0", "versionStartIncluding": "5.2.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-iq_centralized_management:6.1.0:*:*:*:*:*:*:*", "versionEndIncluding": "6.1.0", "versionStartIncluding": "6.0.0", "vulnerable": true}], "operator": "OR"}]}}

{"f5": [{"lastseen": "2020-04-06T22:40:30", "bulletinFamily": "software", "cvelist": ["CVE-2019-6688"], "description": "\nF5 Product Development has assigned ID 738236 (BIG-IP and BIG-IQ) to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases, point releases, or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 15.x | 15.0.0 - 15.0.1 | 15.1.0 \n15.0.1.3 | Low | [3.1](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N>) | Password used for UCS backups \n14.x | 14.1.0 - 14.1.2 \n14.0.0 - 14.0.1 | 14.1.2.3 \n14.0.1.1 \n13.x | 13.1.0 - 13.1.3 | 13.1.3.2 \n12.x | 12.1.0 - 12.1.5 | 12.1.5.1 \n11.x | 11.5.2 - 11.6.5 | 11.6.5.1 \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable2 | None | None \nBIG-IQ Centralized Management | 7.x | None | 7.0.0 | Low | [3.1](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N>) | Password used for UCS backups \n6.x | 6.0.0 - 6.1.0 | None \n5.x | 5.2.0 - 5.4.0 | None \nTraffix SDC | 5.x | None | Not applicable | Not vulnerable | None | None \n \n1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n2The specified products contain the affected code. However, F5 identifies the vulnerability status as Not vulnerable because the attacker cannot exploit the code in default, standard, or recommended configurations.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you can disable all forms of user access by way of SNMP to the affected system, including the read-only access.\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n * [K15113: BIG-IQ hotfix and point release matrix](<https://support.f5.com/csp/article/K15113>)\n * [K48955220: Installing an OPSWAT Endpoint Security update on BIG-IP APM systems (11.4.x and later)](<https://support.f5.com/csp/article/K48955220>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2020-03-27T17:20:00", "published": "2019-12-20T23:01:00", "id": "F5:K25607522", "href": "https://support.f5.com/csp/article/K25607522", "title": "BIG-IP vulnerability CVE-2019-6688", "type": "f5", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2020-03-30T23:20:51", "description": "A user can obtain the secretused to encrypt a BIG-IP UCS backup file\nwhile sending an SNMP query to the BIG-IP or BIG-IQ system;however,\nthe user cannot access the UCS files. (CVE-2019-6688)\n\nImpact\n\nBIG-IP and BIG-IQ\n\nThe SNMP user can obtain the secret used to encrypt the BIG-IP UCS\nbackup file.\n\nEnterprise Manager and Traffix SDC\n\nThese products are not affected by this vulnerability.", "edition": 6, "cvss3": {"score": 4.3, "vector": "AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}, "published": "2019-12-31T00:00:00", "title": "F5 Networks BIG-IP : BIG-IP vulnerability (K25607522)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6688"], "modified": "2019-12-31T00:00:00", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "id": "F5_BIGIP_SOL25607522.NASL", "href": "https://www.tenable.com/plugins/nessus/132560", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K25607522.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132560);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/30\");\n\n script_cve_id(\"CVE-2019-6688\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP vulnerability (K25607522)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A user can obtain the secretused to encrypt a BIG-IP UCS backup file\nwhile sending an SNMP query to the BIG-IP or BIG-IQ system;however,\nthe user cannot access the UCS files. (CVE-2019-6688)\n\nImpact\n\nBIG-IP and BIG-IQ\n\nThe SNMP user can obtain the secret used to encrypt the BIG-IP UCS\nbackup file.\n\nEnterprise Manager and Traffix SDC\n\nThese products are not affected by this vulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K25607522\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K25607522.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K25607522\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"14.0.0-14.0.1\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"15.1.0\",\"15.0.1.3\",\"14.1.2.3\",\"14.0.1.1\",\"13.1.3.2\",\"12.1.5.1\",\"11.6.5.1\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"14.0.0-14.0.1\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"15.1.0\",\"15.0.1.3\",\"14.1.2.3\",\"14.0.1.1\",\"13.1.3.2\",\"12.1.5.1\",\"11.6.5.1\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"14.0.0-14.0.1\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"15.1.0\",\"15.0.1.3\",\"14.1.2.3\",\"14.0.1.1\",\"13.1.3.2\",\"12.1.5.1\",\"11.6.5.1\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"14.0.0-14.0.1\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"15.1.0\",\"15.0.1.3\",\"14.1.2.3\",\"14.0.1.1\",\"13.1.3.2\",\"12.1.5.1\",\"11.6.5.1\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"14.0.0-14.0.1\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"15.1.0\",\"15.0.1.3\",\"14.1.2.3\",\"14.0.1.1\",\"13.1.3.2\",\"12.1.5.1\",\"11.6.5.1\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"14.0.0-14.0.1\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"15.1.0\",\"15.0.1.3\",\"14.1.2.3\",\"14.0.1.1\",\"13.1.3.2\",\"12.1.5.1\",\"11.6.5.1\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"14.0.0-14.0.1\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"15.1.0\",\"15.0.1.3\",\"14.1.2.3\",\"14.0.1.1\",\"13.1.3.2\",\"12.1.5.1\",\"11.6.5.1\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"14.0.0-14.0.1\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"15.1.0\",\"15.0.1.3\",\"14.1.2.3\",\"14.0.1.1\",\"13.1.3.2\",\"12.1.5.1\",\"11.6.5.1\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"14.0.0-14.0.1\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"15.1.0\",\"15.0.1.3\",\"14.1.2.3\",\"14.0.1.1\",\"13.1.3.2\",\"12.1.5.1\",\"11.6.5.1\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"14.0.0-14.0.1\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"15.1.0\",\"15.0.1.3\",\"14.1.2.3\",\"14.0.1.1\",\"13.1.3.2\",\"12.1.5.1\",\"11.6.5.1\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}]}