Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.F5_BIGIP_SOL93417064.NASLHistoryDec 31, 2019 - 12:00 a.m.
F5 Networks BIG-IP : MFC vulnerability (K93417064)
2019-12-3100:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
42.5%
The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.5.1 / 13.1.3.2 / 14.0.1.1 / 14.1.2.1 / 15.1.0. It is, therefore, affected by a vulnerability as referenced in the K93417064 advisory.
- On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a memory leak in Multicast Forwarding Cache (MFC) handling in tmrouted. (CVE-2019-6681)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution K93417064.
#
# The text description of this plugin is (C) F5 Networks.
#
include('compat.inc');
if (description)
{
script_id(132580);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/28");
script_cve_id("CVE-2019-6681");
script_name(english:"F5 Networks BIG-IP : MFC vulnerability (K93417064)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.5.1 / 13.1.3.2 / 14.0.1.1 / 14.1.2.1 /
15.1.0. It is, therefore, affected by a vulnerability as referenced in the K93417064 advisory.
- On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a
memory leak in Multicast Forwarding Cache (MFC) handling in tmrouted. (CVE-2019-6681)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://my.f5.com/manage/s/article/K93417064");
script_set_attribute(attribute:"solution", value:
"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K93417064.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-6681");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/23");
script_set_attribute(attribute:"patch_publication_date", value:"2019/12/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/31");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"F5 Networks Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("f5_bigip_detect.nbin");
script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version");
exit(0);
}
include('f5_func.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var version = get_kb_item('Host/BIG-IP/version');
if ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');
if ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');
if ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');
var sol = 'K93417064';
var vmatrix = {
'LTM': {
'affected': [
'15.0.0-15.0.1','14.1.0-14.1.2','14.0.0-14.0.1','13.1.0-13.1.3','12.1.0-12.1.5'
],
'unaffected': [
'15.1.0','14.1.2.1','14.0.1.1','13.1.3.2','12.1.5.1'
],
}
};
if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
var extra = NULL;
if (report_verbosity > 0) extra = bigip_report_get();
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : extra
);
}
else
{
var tested = bigip_get_tested_modules();
var audit_extra = 'For BIG-IP module(s) ' + tested + ',';
if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
else audit(AUDIT_HOST_NOT, 'running the affected module LTM');
}
Related
cvelist
cvelist
CVE-2019-6681
2019-12-23 17:10:07
f5
f5
K93417064 : MFC vulnerability CVE-2019-6681
2019-12-20 00:00:00
nvd
nvd
CVE-2019-6681
2019-12-23 18:15:11
cve
cve
CVE-2019-6681
2019-12-23 18:15:11
prion
prion
Design/Logic Flaw
2019-12-23 18:15:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
42.5%
Related for F5_BIGIP_SOL93417064.NASL