Lucene search
F5CVELIST:CVE-2019-6632HistoryJul 03, 2019 - 6:06 p.m.
CVE-2019-6632
2019-07-0318:06:01
f5
www.cve.org
0.0004 Low
EPSS
Percentile
12.7%
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness. The attack prerequisite is direct access to encrypted configuration and/or UCS files.
CNA Affected
[
{
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"status": "affected",
"version": "BIG-IP 14.1.0-14.1.0.5"
},
{
"status": "affected",
"version": "14.0.0-14.0.0.4"
},
{
"status": "affected",
"version": "13.0.0-13.1.1.4"
},
{
"status": "affected",
"version": "12.1.0-12.1.4"
}
]
}
]Related
nvd
nvd
CVE-2019-6632
2019-07-03 19:15:12
nessus
nessus
F5 Networks BIG-IP : vCMP vulnerability (K01413496)
2019-07-02 00:00:00
cve
cve
CVE-2019-6632
2019-07-03 19:15:12
f5
f5
K01413496 : vCMP vulnerability CVE-2019-6632
2019-07-01 00:00:00
prion
prion
Design/Logic Flaw
2019-07-03 19:15:00