EUVD-2019-16191

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Attackers can decrypt configuration items due to insufficient randomness in vCMP configuration keys.

Reporter	Title	Published	Views	Family All 9
CNVD	F5 BIG-IP Encryption Problem Vulnerability	9 Jul 201900:00	–	cnvd
CVE	CVE-2019-6632	3 Jul 201918:06	–	cve
Cvelist	CVE-2019-6632	3 Jul 201918:06	–	cvelist
F5 Networks	K01413496: vCMP vulnerability CVE-2019-6632	21 Feb 202320:00	–	f5
Tenable Nessus	F5 Networks BIG-IP : vCMP vulnerability (K01413496)	2 Jul 201900:00	–	nessus
NVD	CVE-2019-6632	3 Jul 201919:15	–	nvd
OSV	CVE-2019-6632	3 Jul 201919:15	–	osv
Prion	Design/Logic Flaw	3 Jul 201919:15	–	prion
RedhatCVE	CVE-2019-6632	22 May 202508:46	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "2d825850-8fca-3d2d-86c4-19e031db41ed",
        "vendor": {
          "name": "F5"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "09c13c71-d309-3109-a163-0997ac7b2c1f",
        "product": {
          "name": "BIG-IP"
        },
        "product_version": "13.0.0-13.1.1.4"
      },
      {
        "id": "6a527e21-325c-3a42-8d6a-144d76e75e65",
        "product": {
          "name": "BIG-IP"
        },
        "product_version": "12.1.0-12.1.4"
      },
      {
        "id": "6cb4f625-7212-3ea7-b41c-f78734d35105",
        "product": {
          "name": "BIG-IP"
        },
        "product_version": "BIG-IP 14.1.0-14.1.0.5"
      },
      {
        "id": "c511c5b4-39da-3025-b6b8-d6e4c0edd4b6",
        "product": {
          "name": "BIG-IP"
        },
        "product_version": "14.0.0-14.0.0.4"
      }
    ]
  }
]

Source	Link
support	www.support.f5.com/csp/article/K01413496
securityfocus	www.securityfocus.com/bid/109112
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.5Medium risk

Vulners AI Score5.5

CVSS 35.5

CVSS 22.1

EPSS0.00114