K11818407 : REST Framework vulnerability CVE-2019-6602

2019-03-2100:00:00

my.f5.com

0.001 Low

EPSS

Percentile

50.9%

JSON

Security Advisory Description

The Configuration utility login page may not follow best security practices when handling a malicious request. (CVE-2019-6602)

Impact

BIG-IP

The Configuration utility login page returns an inconsistent HTTP response when processing modified requests; this may provide clues to an attacker looking to exploit vulnerabilities on the system.

BIG-IQ, Enterprise Manager, F5 iWorkflow, Traffix SDC

There is no impact; these F5 products are not affected by this vulnerability.

CPENameOperatorVersion
big-iq centralized managementeq5.0.0
big-iq centralized managementeq5.1.0
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-iq centralized managementeq6.0.0
big-iq centralized managementeq6.0.1
big-iq centralized managementeq6.1.0
big-ip afmeq11.5.1
big-ip afmeq11.5.2

Name	Operator	Version
big-iq centralized management	eq	5.0.0
big-iq centralized management	eq	5.1.0
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-iq centralized management	eq	6.0.0
big-iq centralized management	eq	6.0.1
big-iq centralized management	eq	6.1.0
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.2

Rows per page:

1-10 of 2351

0.001 Low

EPSS

Percentile

50.9%

JSON

Related for F5:K11818407