K04280042 : BIG-IP ASM vulnerability CVE-2019-6650

2019-09-1900:00:00

my.f5.com

9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.2%

JSON

Security Advisory Description

F5 BIG-IP ASM may expose sensitive information and allow the system configuration to be modified when using non-default settings. (CVE-2019-6650)

Impact

The vulnerability is only present on multi-bladed systems (VIPRION) with BIG-IP ASM provisioned, on the following interfaces:

Management interface in versions before BIG-IP 14.1.0.
Any self IP with Port Lockdown configured asAllow All.

Note:Port Lockdowndefaults toAllow None.

In both of the previous configurations, a malicious actor may be able to connect to the affected interface to extract and/or modify sensitive information on the system.

CPENameOperatorVersion
big-iq centralized managementeq5.1.0
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-iq centralized managementeq6.0.0
big-iq centralized managementeq6.0.1
big-iq centralized managementeq6.1.0
big-iq centralized managementeq7.0.0
big-ip afmeq11.5.10
big-ip afmeq11.5.2

Name	Operator	Version
big-iq centralized management	eq	5.1.0
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-iq centralized management	eq	6.0.0
big-iq centralized management	eq	6.0.1
big-iq centralized management	eq	6.1.0
big-iq centralized management	eq	7.0.0
big-ip afm	eq	11.5.10
big-ip afm	eq	11.5.2

Rows per page:

1-10 of 2821