Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-111002
HistoryNov 27, 2019 - 12:00 a.m.

Multiple F5 Products CVE-2019-6665 Man in the Middle Security Bypass Vulnerability

2019-11-2700:00:00
Symantec Security Response
www.symantec.com
27

0.002 Low

EPSS

Percentile

57.5%

JSON

Description

Multiple F5 Products are prone to a security-bypass vulnerability. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. The following products are vulnerable: BIG-IP ASM 15.0.0 through 15.0.1 BIG-IP ASM 14.1.0 through 14.1.2 BIG-IP ASM 14.0.0 through 14.0.1 BIG-IP ASM 13.1.0 through 13.1.3.1Enterprise Manager 3.x versions prior to 3.1.1 BIG-IQ Centralized Management 6.0.0, and 5.2.0 - 5.4.0 F5 iWorkflow 2.x versions prior to 2.3.0

Technologies Affected

  • F5 BIG-IP ASM 13.1.0
  • F5 BIG-IP ASM 13.1.0.2
  • F5 BIG-IP ASM 13.1.0.4
  • F5 BIG-IP ASM 13.1.0.5
  • F5 BIG-IP ASM 13.1.0.6
  • F5 BIG-IP ASM 13.1.0.8
  • F5 BIG-IP ASM 13.1.1
  • F5 BIG-IP ASM 13.1.1.2
  • F5 BIG-IP ASM 13.1.1.3
  • F5 BIG-IP ASM 13.1.1.4
  • F5 BIG-IP ASM 13.1.1.5
  • F5 BIG-IP ASM 13.1.3
  • F5 BIG-IP ASM 13.1.3.1
  • F5 BIG-IP ASM 14.0.0
  • F5 BIG-IP ASM 14.0.0.2
  • F5 BIG-IP ASM 14.0.0.3
  • F5 BIG-IP ASM 14.0.0.4
  • F5 BIG-IP ASM 14.0.0.5
  • F5 BIG-IP ASM 14.0.1
  • F5 BIG-IP ASM 14.1.0
  • F5 BIG-IP ASM 14.1.0.1
  • F5 BIG-IP ASM 14.1.0.2
  • F5 BIG-IP ASM 14.1.0.5
  • F5 BIG-IP ASM 14.1.0.6
  • F5 BIG-IP ASM 14.1.2
  • F5 BIG-IP ASM 15.0.0
  • F5 BIG-IP ASM 15.0.1
  • F5 BIG-IQ Centralized Management 5.2.0
  • F5 BIG-IQ Centralized Management 5.3.0
  • F5 BIG-IQ Centralized Management 5.4.0
  • F5 BIG-IQ Centralized Management 6.0.0
  • F5 Enterprise Manager 3.0.0
  • F5 Enterprise Manager 3.0.1
  • F5 Enterprise Manager 3.0.2
  • F5 Enterprise Manager 3.0.3
  • F5 Enterprise Manager 3.0.4
  • F5 Enterprise Manager 3.0.5
  • F5 Enterprise Manager 3.0.6
  • F5 Enterprise Manager 3.1.0
  • F5 iWorkflow 2.0.0
  • F5 iWorkflow 2.0.1
  • F5 iWorkflow 2.2.0

Recommendations

Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of exploits.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Do not use client software to communicate with untrusted sources.
To reduce the likelihood of exploits, connect to only trusted hosts and servers.

Updates are available. Please see the references or vendor advisory for more information.

References

Related

cve 1
f5 1
nessus 1
prion 1
osv 1
cvelist 1
nvd 1
cve
cve
CVE-2019-6665
2019-11-27 22:15:11
f5
f5
K26462555 : BIG-IP ASM and BIG-IQ/Enterprise Manager/F5 iWorkflow device authentication and trust vulnerability CVE-2019-6665
2019-11-26 00:00:00
nessus
nessus
F5 Networks BIG-IP : BIG-IP ASM and BIG-IQ/Enterprise Manager/F5 iWorkflow device authentication and trust vulnerability (K26462555)
2019-12-31 00:00:00
prion
prion
Design/Logic Flaw
2019-11-27 22:15:00
osv
osv
CVE-2019-6665
2019-11-27 22:15:11
cvelist
cvelist
CVE-2019-6665
2019-11-27 21:57:58
nvd
nvd
CVE-2019-6665
2019-11-27 22:15:11

0.002 Low

EPSS

Percentile

57.5%

JSON
Related for SMNTC-111002
cve1f51nessus1prion1osv1cvelist1nvd1