VAR-201903-0195
Vulnerability from variot - Updated: 2024-11-23 22:55In BIG-IP 11.5.1-11.5.8 and 11.6.1-11.6.3, the Configuration Utility login page may not follow best security practices when handling a malicious request. plural BIG-IP The product contains vulnerabilities related to security functions.Information may be obtained. Multiple F5 BIG-IP Products are prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. BIG-IP 11.5.1 through 11.5.8 and 11.6.1 through 11.6.3 are vulnerable. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. Attackers can exploit this vulnerability to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0195",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip edge gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip edge gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip access policy manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip analytics",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip application security manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip domain name system",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip global traffic manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip link controller",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip local traffic manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.7"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.6"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.5"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.7"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.6"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.5"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.7"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.6"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip fps",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip fps",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip fps",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.7"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.6"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.5"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.7"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.6"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.5"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.3"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.2"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.8"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.7"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.5"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.4"
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.9"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.4"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.9"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.4"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.9"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.4"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.4"
},
{
"model": "big-ip fps",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip fps",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.4"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.4"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.4"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.4"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.4"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.9"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.4"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.9"
},
{
"model": "big-ip aam",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip aam",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.4"
},
{
"model": "big-ip aam",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.9"
}
],
"sources": [
{
"db": "BID",
"id": "107626"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003077"
},
{
"db": "NVD",
"id": "CVE-2019-6602"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:f5:big-ip_access_policy_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_advanced_firewall_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_analytics",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_application_acceleration_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_application_security_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_domain_name_system",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_edge_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_fraud_protection_service",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_global_traffic_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_link_controller",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_local_traffic_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_policy_enforcement_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_webaccelerator",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003077"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "107626"
}
],
"trust": 0.3
},
"cve": "CVE-2019-6602",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-6602",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-158037",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-6602",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-6602",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-6602",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-860",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-158037",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-158037"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-860"
},
{
"db": "NVD",
"id": "CVE-2019-6602"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In BIG-IP 11.5.1-11.5.8 and 11.6.1-11.6.3, the Configuration Utility login page may not follow best security practices when handling a malicious request. plural BIG-IP The product contains vulnerabilities related to security functions.Information may be obtained. Multiple F5 BIG-IP Products are prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. \nBIG-IP 11.5.1 through 11.5.8 and 11.6.1 through 11.6.3 are vulnerable. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. Attackers can exploit this vulnerability to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6602"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003077"
},
{
"db": "BID",
"id": "107626"
},
{
"db": "VULHUB",
"id": "VHN-158037"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-6602",
"trust": 2.8
},
{
"db": "BID",
"id": "107626",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003077",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201903-860",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-158037",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-158037"
},
{
"db": "BID",
"id": "107626"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-860"
},
{
"db": "NVD",
"id": "CVE-2019-6602"
}
]
},
"id": "VAR-201903-0195",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-158037"
}
],
"trust": 0.552724815
},
"last_update_date": "2024-11-23T22:55:39.146000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "K11818407",
"trust": 0.8,
"url": "https://support.f5.com/csp/article/K11818407"
},
{
"title": "F5 BIG-IP Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90342"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-860"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-203",
"trust": 1.1
},
{
"problemtype": "CWE-254",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-158037"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003077"
},
{
"db": "NVD",
"id": "CVE-2019-6602"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/107626"
},
{
"trust": 2.0,
"url": "https://support.f5.com/csp/article/k11818407"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6602"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6602"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/f5-big-ip-information-disclosure-via-rest-framework-login-page-28814"
},
{
"trust": 0.3,
"url": "http://www.f5.com/products/big-ip/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-158037"
},
{
"db": "BID",
"id": "107626"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-860"
},
{
"db": "NVD",
"id": "CVE-2019-6602"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-158037"
},
{
"db": "BID",
"id": "107626"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-860"
},
{
"db": "NVD",
"id": "CVE-2019-6602"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-28T00:00:00",
"db": "VULHUB",
"id": "VHN-158037"
},
{
"date": "2019-03-21T00:00:00",
"db": "BID",
"id": "107626"
},
{
"date": "2019-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003077"
},
{
"date": "2019-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-860"
},
{
"date": "2019-03-28T21:29:00.600000",
"db": "NVD",
"id": "CVE-2019-6602"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-158037"
},
{
"date": "2019-03-21T00:00:00",
"db": "BID",
"id": "107626"
},
{
"date": "2019-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003077"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-860"
},
{
"date": "2024-11-21T04:46:47.080000",
"db": "NVD",
"id": "CVE-2019-6602"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-860"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural BIG-IP Vulnerabilities related to security functions in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003077"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-860"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…