Vulnerabilites related to f5 - big-ip_protocol_security_manager
cve-2019-6606
Vulnerability from cvelistv5
Published
2019-03-28 20:34
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory.
References
▼ | URL | Tags |
---|---|---|
https://support.f5.com/csp/article/K35209601 | x_refsource_MISC | |
http://www.securityfocus.com/bid/107636 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) |
Version: 11.5.1-11.6.3.4 Version: 12.1.0-12.1.3.7 Version: 13.0.0-13.1.1.3 Version: 14.0.0-14.0.0.2 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:23:22.214Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.f5.com/csp/article/K35209601", }, { name: "107636", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107636", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", vendor: "BIG-IP", versions: [ { status: "affected", version: "11.5.1-11.6.3.4", }, { status: "affected", version: "12.1.0-12.1.3.7", }, { status: "affected", version: "13.0.0-13.1.1.3", }, { status: "affected", version: "14.0.0-14.0.0.2", }, ], }, ], datePublic: "2019-03-21T00:00:00", descriptions: [ { lang: "en", value: "On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory.", }, ], problemTypes: [ { descriptions: [ { description: "DoS", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-01T07:06:06", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.f5.com/csp/article/K35209601", }, { name: "107636", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107636", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", ID: "CVE-2019-6606", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", version: { version_data: [ { version_value: "11.5.1-11.6.3.4", }, { version_value: "12.1.0-12.1.3.7", }, { version_value: "13.0.0-13.1.1.3", }, { version_value: "14.0.0-14.0.0.2", }, ], }, }, ], }, vendor_name: "BIG-IP", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "DoS", }, ], }, ], }, references: { reference_data: [ { name: "https://support.f5.com/csp/article/K35209601", refsource: "MISC", url: "https://support.f5.com/csp/article/K35209601", }, { name: "107636", refsource: "BID", url: "http://www.securityfocus.com/bid/107636", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2019-6606", datePublished: "2019-03-28T20:34:26", dateReserved: "2019-01-22T00:00:00", dateUpdated: "2024-08-04T20:23:22.214Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-6604
Vulnerability from cvelistv5
Published
2019-03-28 20:28
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.
References
▼ | URL | Tags |
---|---|---|
https://support.f5.com/csp/article/K26455071 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) |
Version: 11.5.1-11.5.8 Version: 11.6.1-11.6.3.4 Version: 12.1.0-12.1.3.6 Version: 13.0.0-13.1.1.1 Version: 14.0.0-14.0.0.2 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:23:22.056Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.f5.com/csp/article/K26455071", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", vendor: "BIG-IP", versions: [ { status: "affected", version: "11.5.1-11.5.8", }, { status: "affected", version: "11.6.1-11.6.3.4", }, { status: "affected", version: "12.1.0-12.1.3.6", }, { status: "affected", version: "13.0.0-13.1.1.1", }, { status: "affected", version: "14.0.0-14.0.0.2", }, ], }, ], datePublic: "2019-03-21T00:00:00", descriptions: [ { lang: "en", value: "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.", }, ], problemTypes: [ { descriptions: [ { description: "DoS", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-28T20:28:52", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.f5.com/csp/article/K26455071", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", ID: "CVE-2019-6604", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", version: { version_data: [ { version_value: "11.5.1-11.5.8", }, { version_value: "11.6.1-11.6.3.4", }, { version_value: "12.1.0-12.1.3.6", }, { version_value: "13.0.0-13.1.1.1", }, { version_value: "14.0.0-14.0.0.2", }, ], }, }, ], }, vendor_name: "BIG-IP", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "DoS", }, ], }, ], }, references: { reference_data: [ { name: "https://support.f5.com/csp/article/K26455071", refsource: "MISC", url: "https://support.f5.com/csp/article/K26455071", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2019-6604", datePublished: "2019-03-28T20:28:52", dateReserved: "2019-01-22T00:00:00", dateUpdated: "2024-08-04T20:23:22.056Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-6603
Vulnerability from cvelistv5
Published
2019-03-28 20:13
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0.1, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs.
References
▼ | URL | Tags |
---|---|---|
https://support.f5.com/csp/article/K14632915 | x_refsource_MISC | |
http://www.securityfocus.com/bid/107625 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) |
Version: 11.5.1-11.5.8 Version: 11.6.1-11.6.3 Version: 12.1.0-12.1.3 Version: 13.0.0-13.0.1 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:23:22.270Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.f5.com/csp/article/K14632915", }, { name: "107625", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107625", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", vendor: "BIG-IP", versions: [ { status: "affected", version: "11.5.1-11.5.8", }, { status: "affected", version: "11.6.1-11.6.3", }, { status: "affected", version: "12.1.0-12.1.3", }, { status: "affected", version: "13.0.0-13.0.1", }, ], }, ], datePublic: "2019-03-21T00:00:00", descriptions: [ { lang: "en", value: "In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0.1, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs.", }, ], problemTypes: [ { descriptions: [ { description: "DoS", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-29T09:06:09", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.f5.com/csp/article/K14632915", }, { name: "107625", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107625", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", ID: "CVE-2019-6603", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", version: { version_data: [ { version_value: "11.5.1-11.5.8", }, { version_value: "11.6.1-11.6.3", }, { version_value: "12.1.0-12.1.3", }, { version_value: "13.0.0-13.0.1", }, ], }, }, ], }, vendor_name: "BIG-IP", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0.1, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "DoS", }, ], }, ], }, references: { reference_data: [ { name: "https://support.f5.com/csp/article/K14632915", refsource: "MISC", url: "https://support.f5.com/csp/article/K14632915", }, { name: "107625", refsource: "BID", url: "http://www.securityfocus.com/bid/107625", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2019-6603", datePublished: "2019-03-28T20:13:08", dateReserved: "2019-01-22T00:00:00", dateUpdated: "2024-08-04T20:23:22.270Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-4047
Vulnerability from cvelistv5
Published
2015-05-29 15:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:04:02.635Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3272", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3272", }, { name: "20150520 Re: 0-day Denial of Service in IPsec-Tools", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2015/May/83", }, { name: "FEDORA-2015-8968", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html", }, { name: "20150519 0-day Denial of Service in IPsec-Tools", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2015/May/81", }, { name: "FEDORA-2015-8948", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.altsci.com/ipsec/ipsec-tools-sa.html", }, { name: "1032397", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032397", }, { name: "[oss-security] 20150519 CVE Request: ipsec-tools", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/05/20/1", }, { name: "74739", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74739", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html", }, { name: "USN-2623-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2623-1", }, { name: "[oss-security] 20150521 Re: CVE Request: ipsec-tools", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/05/21/11", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K05013313", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-05-06T00:00:00", descriptions: [ { lang: "en", value: "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-26T14:06:07", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3272", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3272", }, { name: "20150520 Re: 0-day Denial of Service in IPsec-Tools", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2015/May/83", }, { name: "FEDORA-2015-8968", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html", }, { name: "20150519 0-day Denial of Service in IPsec-Tools", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2015/May/81", }, { name: "FEDORA-2015-8948", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.altsci.com/ipsec/ipsec-tools-sa.html", }, { name: "1032397", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032397", }, { name: "[oss-security] 20150519 CVE Request: ipsec-tools", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/05/20/1", }, { name: "74739", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74739", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html", }, { name: "USN-2623-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2623-1", }, { name: "[oss-security] 20150521 Re: CVE Request: ipsec-tools", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/05/21/11", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K05013313", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-4047", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3272", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3272", }, { name: "20150520 Re: 0-day Denial of Service in IPsec-Tools", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2015/May/83", }, { name: "FEDORA-2015-8968", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html", }, { name: "20150519 0-day Denial of Service in IPsec-Tools", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2015/May/81", }, { name: "FEDORA-2015-8948", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html", }, { name: "https://www.altsci.com/ipsec/ipsec-tools-sa.html", refsource: "MISC", url: "https://www.altsci.com/ipsec/ipsec-tools-sa.html", }, { name: "1032397", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032397", }, { name: "[oss-security] 20150519 CVE Request: ipsec-tools", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/05/20/1", }, { name: "74739", refsource: "BID", url: "http://www.securityfocus.com/bid/74739", }, { name: "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html", }, { name: "USN-2623-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2623-1", }, { name: "[oss-security] 20150521 Re: CVE Request: ipsec-tools", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/05/21/11", }, { name: "https://support.f5.com/csp/article/K05013313", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K05013313", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-4047", datePublished: "2015-05-29T15:00:00", dateReserved: "2015-05-20T00:00:00", dateUpdated: "2024-08-06T06:04:02.635Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-6608
Vulnerability from cvelistv5
Published
2019-03-28 20:46
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests.
References
▼ | URL | Tags |
---|---|---|
https://support.f5.com/csp/article/K12139752 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) |
Version: 11.5.1-11.6.3 Version: 12.1.0-12.1.3 Version: 13.0.0-13.1.1.1 Version: 14.0.0-14.0.0.2 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:23:22.054Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.f5.com/csp/article/K12139752", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", vendor: "BIG-IP", versions: [ { status: "affected", version: "11.5.1-11.6.3", }, { status: "affected", version: "12.1.0-12.1.3", }, { status: "affected", version: "13.0.0-13.1.1.1", }, { status: "affected", version: "14.0.0-14.0.0.2", }, ], }, ], datePublic: "2019-03-21T00:00:00", descriptions: [ { lang: "en", value: "On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests.", }, ], problemTypes: [ { descriptions: [ { description: "DoS", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-28T20:46:53", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.f5.com/csp/article/K12139752", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", ID: "CVE-2019-6608", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", version: { version_data: [ { version_value: "11.5.1-11.6.3", }, { version_value: "12.1.0-12.1.3", }, { version_value: "13.0.0-13.1.1.1", }, { version_value: "14.0.0-14.0.0.2", }, ], }, }, ], }, vendor_name: "BIG-IP", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "DoS", }, ], }, ], }, references: { reference_data: [ { name: "https://support.f5.com/csp/article/K12139752", refsource: "MISC", url: "https://support.f5.com/csp/article/K12139752", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2019-6608", datePublished: "2019-03-28T20:46:53", dateReserved: "2019-01-22T00:00:00", dateUpdated: "2024-08-04T20:23:22.054Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-6605
Vulnerability from cvelistv5
Published
2019-03-28 20:23
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service.
References
▼ | URL | Tags |
---|---|---|
https://support.f5.com/csp/article/K45353544 | x_refsource_MISC | |
http://www.securityfocus.com/bid/107629 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) |
Version: 11.5.1-11.5.8 Version: 11.6.1-11.6.3.4 Version: 12.0.0 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:23:22.106Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.f5.com/csp/article/K45353544", }, { name: "107629", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107629", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", vendor: "BIG-IP", versions: [ { status: "affected", version: "11.5.1-11.5.8", }, { status: "affected", version: "11.6.1-11.6.3.4", }, { status: "affected", version: "12.0.0", }, ], }, ], datePublic: "2019-03-21T00:00:00", descriptions: [ { lang: "en", value: "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service.", }, ], problemTypes: [ { descriptions: [ { description: "DoS", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-29T11:06:07", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.f5.com/csp/article/K45353544", }, { name: "107629", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107629", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", ID: "CVE-2019-6605", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", version: { version_data: [ { version_value: "11.5.1-11.5.8", }, { version_value: "11.6.1-11.6.3.4", }, { version_value: "12.0.0", }, ], }, }, ], }, vendor_name: "BIG-IP", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "DoS", }, ], }, ], }, references: { reference_data: [ { name: "https://support.f5.com/csp/article/K45353544", refsource: "MISC", url: "https://support.f5.com/csp/article/K45353544", }, { name: "107629", refsource: "BID", url: "http://www.securityfocus.com/bid/107629", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2019-6605", datePublished: "2019-03-28T20:23:18", dateReserved: "2019-01-22T00:00:00", dateUpdated: "2024-08-04T20:23:22.106Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-4420
Vulnerability from cvelistv5
Published
2009-12-24 17:00
Modified
2024-08-07 07:01
Severity ?
EPSS score ?
Summary
Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id?1023386 | vdb-entry, x_refsource_SECTRACK | |
https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html | x_refsource_CONFIRM | |
http://osvdb.org/61297 | vdb-entry, x_refsource_OSVDB | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/55005 | vdb-entry, x_refsource_XF | |
http://www.vupen.com/english/advisories/2009/3627 | vdb-entry, x_refsource_VUPEN | |
http://secunia.com/advisories/37805 | third-party-advisory, x_refsource_SECUNIA | |
http://www.securityfocus.com/bid/37452 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T07:01:20.167Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1023386", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1023386", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html", }, { name: "61297", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/61297", }, { name: "bigip-asm-psm-bd-dos(55005)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005", }, { name: "ADV-2009-3627", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/3627", }, { name: "37805", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/37805", }, { name: "37452", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/37452", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-12-23T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-16T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1023386", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1023386", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html", }, { name: "61297", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/61297", }, { name: "bigip-asm-psm-bd-dos(55005)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005", }, { name: "ADV-2009-3627", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/3627", }, { name: "37805", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/37805", }, { name: "37452", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/37452", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-4420", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1023386", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1023386", }, { name: "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html", refsource: "CONFIRM", url: "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html", }, { name: "61297", refsource: "OSVDB", url: "http://osvdb.org/61297", }, { name: "bigip-asm-psm-bd-dos(55005)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005", }, { name: "ADV-2009-3627", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/3627", }, { name: "37805", refsource: "SECUNIA", url: "http://secunia.com/advisories/37805", }, { name: "37452", refsource: "BID", url: "http://www.securityfocus.com/bid/37452", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-4420", datePublished: "2009-12-24T17:00:00", dateReserved: "2009-12-24T00:00:00", dateUpdated: "2024-08-07T07:01:20.167Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2015-05-29 15:59
Modified
2024-11-21 02:30
Severity ?
Summary
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ipsec-tools:ipsec-tools:0.8.2:*:*:*:*:*:*:*", matchCriteriaId: "B4F6D424-26B7-4CD2-80B4-96FBA9E2FA5C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "55C26031-A354-4E19-A1C3-415336B2E7C5", versionEndIncluding: "11.6.4", versionStartIncluding: "11.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3B9AF8FC-B730-428D-B317-86ABEF924299", versionEndIncluding: "12.1.4", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "A53BE5FB-7405-4952-B3BD-6B0B8213F98A", versionEndIncluding: "11.6.4", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1A2670B3-1A96-4E72-A316-0AF826E8EC8B", versionEndIncluding: "12.1.4", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "69FBB7A9-69E7-4E84-ABBF-3430FA4FB757", versionEndIncluding: "11.6.4", versionStartIncluding: "11.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5AD67D31-7FB8-4A3F-915D-385617E21428", versionEndIncluding: "12.1.4", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "9970DEE7-9ED1-496F-A5DD-D41A0E13968E", versionEndIncluding: "11.6.4", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "2620230F-1D8D-423D-953E-9EEF934C56DD", versionEndIncluding: "12.1.4", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D1488BC3-CBE9-4944-8573-D7EBE36713B8", versionEndIncluding: "11.6.4", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "17D2F203-B830-42E5-AE54-17453F72A45D", versionEndIncluding: "12.1.4", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "79157FB3-C12D-4E05-81A3-776381822B2F", versionEndIncluding: "11.6.4", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "283155E5-EEAB-4E05-A0E7-B9C5077A5029", versionEndIncluding: "12.1.4", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "E90D8985-EDE3-4613-9B4A-E3929D1D3721", versionEndIncluding: "12.1.4", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3F2F72B2-84F2-4FA2-9B53-E98344235EB6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "C8942D9D-8E3A-4876-8E93-ED8D201FF546", versionEndIncluding: "11.3.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3A3BBF17-573E-430A-86CB-A9A2A47940E3", versionEndIncluding: "11.6.4", versionStartIncluding: "11.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "BEB08984-6E30-41C0-B283-66D2AAE1E8B7", versionEndIncluding: "11.6.4", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "72ED4B6A-EC5B-400E-88B7-6C986FC5BC4F", versionEndIncluding: "12.1.4", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E859BDBF-D0E7-4621-83F3-4079EEB111BC", versionEndIncluding: "11.6.4", versionStartIncluding: "11.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "37257612-FAA4-4004-A4D3-4624F06F0615", versionEndIncluding: "12.1.4", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "96B6E81C-8DCA-4560-ABD7-8FB73FBE3824", versionEndIncluding: "11.4.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "68BC025A-D45E-45FB-A4E4-1C89320B5BBE", versionEndIncluding: "11.3.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "7C75978B-566B-4353-8716-099CB8790EE0", versionEndIncluding: "11.3.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*", matchCriteriaId: "C9768142-C554-44DE-B8D5-45CB51E3C34C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*", matchCriteriaId: "24AEF0B2-7C8C-432C-A840-C2441A70343F", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*", matchCriteriaId: "8C8BF865-BA45-4711-829F-EC8E5EA22D2F", versionEndIncluding: "4.5.0", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E21D6206-4716-47FE-A733-F18343656E94", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*", matchCriteriaId: "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6", versionEndIncluding: "4.5.0", versionStartIncluding: "4.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*", matchCriteriaId: "6B3E56EB-202A-4F58-8E94-B2DDA1693498", versionEndIncluding: "4.5.0", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "482E630B-93A1-4B9B-8273-821C116ADC4F", versionEndIncluding: "3.1.1", versionStartIncluding: "3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.", }, { lang: "es", value: "racoon/gssapi.c en IPsec-Tools 0.8.2 permite a atacantes remotos causar una denegación de servicios (referencia a puntero nulo y caída de demonio IKE) a través de una serie de solicitudes UDP manipuladas.", }, ], id: "CVE-2015-4047", lastModified: "2024-11-21T02:30:21.230", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-05-29T15:59:19.030", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2015/May/81", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2015/May/83", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3272", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/05/20/1", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/05/21/11", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/74739", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032397", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2623-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K05013313", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.altsci.com/ipsec/ipsec-tools-sa.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2015/May/81", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2015/May/83", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3272", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/05/20/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/05/21/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/74739", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032397", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2623-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K05013313", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.altsci.com/ipsec/ipsec-tools-sa.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2009-12-24 17:30
Modified
2024-11-21 01:09
Severity ?
Summary
Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
f5 | big-ip_protocol_security_module | 10.0.0 | |
f5 | big-ip_application_security_manager | 9.4.4 | |
f5 | big-ip_application_security_manager | 9.4.5 | |
f5 | big-ip_application_security_manager | 9.4.6 | |
f5 | big-ip_application_security_manager | 9.4.7 | |
f5 | big-ip_application_security_manager | 10.0.0 | |
f5 | big-ip_application_security_manager | 10.0.1 | |
f5 | big-ip_protocol_security_manager | 9.4.5 | |
f5 | big-ip_protocol_security_manager | 9.4.6 | |
f5 | big-ip_protocol_security_manager | 9.4.7 | |
f5 | big-ip_protocol_security_manager | 10.0.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2691943C-1FD1-43EE-B070-E35710E426ED", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*", matchCriteriaId: "CEABC433-37BD-4A53-A872-92564807F022", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*", matchCriteriaId: "409B66AC-292F-426D-A908-D6D865A25CA8", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*", matchCriteriaId: "AEAA4B9A-B1FB-4273-A0B3-A69F49D940D8", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*", matchCriteriaId: "44D22108-C65D-4BB4-8141-B05F053863BD", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B42FE789-9F15-4450-B1B8-7D2A044A26A8", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*", matchCriteriaId: "8B598A78-EF2C-461F-844E-84B0971A2F5D", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.5:*:*:*:*:*:*:*", matchCriteriaId: "5AE2CC21-3B8B-443B-A427-482B8A9D80DD", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.6:*:*:*:*:*:*:*", matchCriteriaId: "50191BEE-7001-43DC-8AEE-01E233594752", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.7:*:*:*:*:*:*:*", matchCriteriaId: "178C7BDD-639E-4472-BEDE-9187CD50DA4F", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:10.0.1:*:*:*:*:*:*:*", matchCriteriaId: "07B38707-9BD0-4E41-93A4-CCDDF1E8BC73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information.", }, { lang: "es", value: "Desbordamiento de buffer en el demonio bd en F5 Networks BIG-IP Application Security Manager (ASM) v9.4.4 hasta v9.4.7 y v10.0.0 hasta v10.0.1, y Protocol Security Manager (PSM) v9.4.5 hasta v9.4.7 y v10.0.0 hasta v10.0.1, permite a atacantes remotos causar una denegación de servicio (caída) a través de vectores desconocidos. NOTA: algunos de estos detalles se han obtenido de información de terceros.", }, ], id: "CVE-2009-4420", lastModified: "2024-11-21T01:09:36.150", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2009-12-24T17:30:00.280", references: [ { source: "cve@mitre.org", url: "http://osvdb.org/61297", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/37805", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/37452", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1023386", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2009/3627", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005", }, { source: "cve@mitre.org", url: "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/61297", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/37805", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/37452", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1023386", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2009/3627", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-28 21:29
Modified
2024-11-21 04:46
Severity ?
Summary
On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory.
References
▼ | URL | Tags | |
---|---|---|---|
f5sirt@f5.com | http://www.securityfocus.com/bid/107636 | Third Party Advisory, VDB Entry | |
f5sirt@f5.com | https://support.f5.com/csp/article/K35209601 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107636 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K35209601 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "ADF272B0-259D-4913-95AE-8621A3766FB0", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "64B57535-53C6-44FC-815D-531F3FB4797E", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6A33F717-7779-4998-B7D0-FEAD57F918EC", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E021297A-FD19-446B-B526-7516503B6D24", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8703B033-3A20-47A0-82DA-3ABC7578DFBB", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EBC6246F-635B-45F4-ACF1-CBEF25FEB2DF", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "89F0F227-3865-442E-8FC5-282DEA1FC528", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9032E773-CAB2-4108-A86B-04A8383663BE", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "A38AE898-8C76-4CF6-A79B-973D2CF756DE", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BDDA13E3-2F05-447F-9F03-63A1BFEC904B", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "26A1FB10-2614-4A8B-B31C-69E90EBB6EBB", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "51218200-4536-4ED9-AA9A-301E2B30B829", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "D93B9D87-0EB8-4011-A106-4F835639EE70", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "056366BD-1F72-4DAF-8C0A-7B5C15054C8D", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "87AF9718-1B10-475C-B596-64A553C8502C", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "57F6C963-A1BF-4579-9345-D0207269577A", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "8AF42EB5-FEB7-455B-A426-9084493A7606", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "579E04C5-EDD5-457A-ADEE-9E3B7E2F17A4", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "D7F21417-F817-462C-8CD8-E64623D45B9B", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "DC6B989A-BA55-47F5-8269-D9FA435ECC29", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B2CE084F-4A02-4BFE-AE40-2AC12EC1616B", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "ECA81A2E-33BE-45A5-8148-1DF189FC9879", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D09A0C39-32DF-4607-8712-8937CC6AF60A", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F534EADF-DA49-4EDD-97F8-C4046E890D8B", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "F4987B39-619F-4599-8740-98358B6DDDF9", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "63DBD5C1-EF87-43F5-A319-304D6C1849D2", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "29E6014A-CA29-408A-A7B2-13FBFD0694A8", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3E2985B9-6EC3-4611-98EB-CAD506CA8A99", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EB5D0E6B-7DB1-48F3-A1AE-2AC7B5EF778B", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9E08A936-5CB0-44D3-89B8-F768CD8AD264", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B3A526B1-EB66-497F-B8B5-45205781B323", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E80D9241-E826-4E4B-B4CD-D81B149AFAE1", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BF9BF9FD-3FFE-4185-A089-89100C0A446C", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "95A324A2-741F-497E-AA95-6A737FE9633E", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "90DBE74F-6E43-448F-9479-8FD75D5DCC22", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9D6D7537-A296-435B-AAC4-B12D5BCA8124", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "918D80CC-E31A-42B5-A1A8-55189FE841FE", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "326EB203-8816-4091-96EF-70F4DBFBDD6D", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "AE90FC3A-C0B4-4CFA-80A3-929871381613", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "B88D9922-D4A3-4002-BCA6-B1BC926A8672", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "328B0CE8-4609-4D5F-981F-FB6C24E43730", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "C81CBDB8-86A5-4A48-A7E1-F9B5239B6EAC", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "E6ADE585-616C-4B40-A40C-EE97A8FAC653", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "B85D8D4F-8C69-4409-8561-F1621855B7FB", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "007DDA3E-BAE5-4EC7-BECA-AB87CFEA1E87", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "E1A16FC6-73F3-4D95-99A2-CAD5C3F7BD71", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "224F2348-19DC-4242-8A1E-5F5BDCB86B9C", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "13FD61C2-B588-415F-9E0D-C47D74D919A0", versionEndIncluding: "11.6.3.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "768D6729-24D0-47C5-A905-9AF1E5ACBE85", versionEndIncluding: "12.1.3.7", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "52ABEB1F-5C4E-4CEE-8852-4D664BC320E6", versionEndIncluding: "13.1.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B4D3A77A-89E0-44DF-AA5B-EDEBCBB63060", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory.", }, { lang: "es", value: "EN BIG-IP, en versiones 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3 y 14.0.0-14.0.0.2, al procesar determinadas peticiones SNMP con un \"request-id\" de 0, el proceso snmpd puede divulgar una pequeña cantidad de memoria.", }, ], id: "CVE-2019-6606", lastModified: "2024-11-21T04:46:47.543", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-28T21:29:00.743", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107636", }, { source: "f5sirt@f5.com", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K35209601", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107636", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K35209601", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-28 21:29
Modified
2024-11-21 04:46
Severity ?
Summary
In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0.1, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs.
References
▼ | URL | Tags | |
---|---|---|---|
f5sirt@f5.com | http://www.securityfocus.com/bid/107625 | Third Party Advisory, VDB Entry | |
f5sirt@f5.com | https://support.f5.com/csp/article/K14632915 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107625 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K14632915 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5917BC9C-20D5-46B1-8CAE-FF13944A6826", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5CC4967B-F2FC-4A94-8A6D-469D5B9F98AA", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6BB42D3A-71EE-4367-9F65-86404D74E59D", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D851DC0C-616D-4274-9CAF-5CBDB0E6CD14", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5CBAF023-ECDC-46AA-877C-FEC138154BF9", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2749969B-5CDD-42A4-9DE3-DE111D41969F", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E5011C2D-FBB5-4117-BB97-11DE70117345", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3D22FE2C-CC72-42C8-B68B-CEBE002D0787", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D8B08497-08EC-4841-A3CE-CD8ABFEF5776", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "14E85172-80FB-4A48-A02F-B2BCEEEFD764", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E5D00EED-F95D-4458-BDC4-3390DE85348B", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "988EB5E2-6099-41A5-BE4F-CA3999C335AE", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "7325E534-6B65-49B8-988A-DE697261FF8E", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "13414479-696D-41FB-919F-783741919610", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "6A11E433-943D-4D92-B45E-3FA268094278", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "FA780928-B3CA-42A5-B39B-B07F64733B52", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "BC16DB86-DCA7-4E8F-A14E-19CD56860700", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "C1A6391D-E411-472A-A714-88D435789095", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "D4C3D6F5-D94D-46A3-991C-A11275B59F8E", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "BCA2B639-DDB9-49B8-B792-5C8D0454FD03", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3ED5BCF6-E0BB-4EC9-B5E2-C4AF013BB074", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "288029B5-863C-492C-83A6-C206A85201ED", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "57CCB85A-6F90-4DB7-B0F8-AE5250E1DCFE", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5A2564C2-BD67-4DDE-A122-74F7E6C22318", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "18635B65-806D-4F10-A853-87F870E981F7", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "73EFB5D4-2BB0-402C-8CE2-5F33A68C42AD", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "60189636-02D6-44CA-BE2A-7777E3C409CD", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "5ACAA88B-9AFB-4D06-91CB-F73070FFFFD9", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EBAB68BD-C800-46A8-8FC7-87AAE84EE4C4", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "CB73A745-E16B-4084-8CBE-FBBF8F52E72E", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2CD4DFE3-9071-4808-AE24-2CCA5DB5BA80", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "733198D0-FF68-410D-86B9-21CE3C353916", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "858B5DF1-A47F-467D-958D-77F5041BDB0A", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4016BD06-2BC7-4CBD-806F-2ED718E2418C", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5AD75094-3248-4D37-969E-75272F6F31D6", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "03A2FE7F-4668-47E5-906D-F89AEBC30545", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "60A7F3D6-8E27-4226-A30E-FE285D269FF4", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "CE827D8E-CD6E-430B-AF9F-C0BCF7373E0E", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1160D8C7-32E7-4837-AF7B-6F056255B5A2", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2BD4ACCC-DC43-4AF4-AB71-86A0EBCE194F", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "E52F2B50-314C-4F02-AF3B-EAF8109A5B04", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "FD85C59D-43E8-4091-B0F6-5ACC40CC7257", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "1FE1518D-8F83-47E9-B183-A998FA8B7CE2", versionEndIncluding: "12.1.3", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "10B05525-4E48-4627-AF46-2A07D7DBFF32", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "AEF3D694-93F5-4929-A9C0-BC2D7E9C3252", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "A5455A25-7557-4801-BC0F-8E78149A883C", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "79344F94-2CB8-4F08-9373-61614A38476C", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "ABBA0EE3-7A16-49CB-BE53-4E371AA4111F", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5E1A42AA-059E-48D2-8564-6886CB48C41A", versionEndIncluding: "11.5.8", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "961AFB08-734F-4C41-BE91-B4649B23E45F", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "397AC4A5-B67C-483B-84F7-8CB294BB460C", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C56B7CD3-4224-4CF8-8FAB-9F44DAC1BE3F", versionEndIncluding: "13.0.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0.1, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs.", }, { lang: "es", value: "En BP, en versiones 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3 y 13.0.0-13.0.1, los paquetes TCP mal formados enviados a una dirección IP propia o a un servidor virtual FastL4 podrían provocar una interrupción en el servicio. El plano de control no se ha visto expuesto a este problema. Este problema impacta a los servidores virtuales y a las IP propias del plano de datos.", }, ], id: "CVE-2019-6603", lastModified: "2024-11-21T04:46:47.190", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-28T21:29:00.633", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107625", }, { source: "f5sirt@f5.com", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K14632915", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107625", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K14632915", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-28 21:29
Modified
2024-11-21 04:46
Severity ?
Summary
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service.
References
▼ | URL | Tags | |
---|---|---|---|
f5sirt@f5.com | http://www.securityfocus.com/bid/107629 | Third Party Advisory, VDB Entry | |
f5sirt@f5.com | https://support.f5.com/csp/article/K45353544 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107629 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K45353544 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EC90E910-6E08-4D41-934F-6D1C4CC1BA72", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0B5ED0C3-7E6F-45FB-BFAC-71B77132D95B", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "82DA9C55-1423-47E2-B1C6-4EC7338C5BB6", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "08C32055-1795-4E4E-9C41-EDA32D8EF115", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E7A40635-17AF-4173-AE4E-D4207FEA888F", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "297BBFB8-43E0-421B-B0F9-03C4A701796D", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DA659989-316F-4CA3-A735-E6B90D5330D0", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EC0B5E9E-F3E0-4B46-8881-A8A09781D7CA", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4324996C-61A1-4903-ADD9-57665D8A8792", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "BCC1011E-6181-4E12-953E-A86984EEF565", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "62F3C18D-06E2-49FC-AD61-73BBD49594F6", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "050F2924-F037-40C1-91D5-8AAE5D04C5CE", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "E2A2DF05-A5FC-44F2-9F4B-418568F51DD2", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "4492163B-7B42-40C1-8C91-990AD529C19C", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "594447D1-3366-46BE-AFD4-587D195FB9BF", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D8ADAED3-44EA-4CA8-BAC9-DBAF0DC3374D", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "75CDEE23-33A4-4367-813B-21F0011F42E5", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "30DE83C7-D98E-4155-A9BC-B02A3E92DCFD", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "E9599203-C7F7-44FF-A64B-C391EA90C486", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "6630C351-9F64-4AAB-87D2-1980471C34E9", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "3BEBE8BA-1395-4304-91B9-8A6F458FDF37", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9F4475CF-0CC9-40C1-B49C-9583964C3B4D", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BE773753-5213-4AD6-AEFE-3F4878237752", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9FF9F6C2-2798-4012-96A8-CA0CCFDBBBD1", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2696A042-D2C5-4EF2-AF06-99C2C3AAC6A4", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "64EB16A5-CE35-4D0C-9B6F-5DBAD8A0115E", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "23EF00D2-73BA-4628-B85A-3C733C266FB2", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C92DD4DF-DB93-424A-9F2B-97BE90F95C04", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EB1C6C08-58D1-4132-9E8B-8AD89323EAB5", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8F699D81-BF49-4584-A538-E3C9FD51A3F3", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "B10D3F14-3996-452D-8942-9F4BE5CFF0FE", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "41BB68CE-FE2F-427E-BF59-987B42F853E8", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "B3831DDA-D376-47E2-82D7-D5A316A2CB22", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "39319EBA-C004-4F9F-B534-AE553F14CB3E", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "6238331B-22F9-437D-92E9-67217910CC6C", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "31F91152-D9CF-4444-A3A0-81AAF335226E", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F4C52A77-A69C-42D4-BD1C-85AE831A7119", versionEndExcluding: "11.5.9", versionStartIncluding: "11.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FD07C3A4-E070-4C97-B78D-2360664335F1", versionEndExcluding: "11.6.4", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "64AEA4EA-C960-4D68-87DF-52A686773D72", versionEndExcluding: "12.1.0", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service.", }, { lang: "es", value: "En BIG-IP, en versiones 11.5.1-11.5.8, 11.6.1-11.6.3 y 12.0.x, una secuencia no revelada de paquetes recibidos desde un servidor SSL virtual que son procesados por un SSL cliente asociado o perfil SSL del servidor podría conducir a una denegación de servicio (DoS).", }, ], id: "CVE-2019-6605", lastModified: "2024-11-21T04:46:47.430", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-28T21:29:00.710", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107629", }, { source: "f5sirt@f5.com", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K45353544", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107629", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K45353544", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-28 21:29
Modified
2024-11-21 04:46
Severity ?
Summary
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.
References
▼ | URL | Tags | |
---|---|---|---|
f5sirt@f5.com | https://support.f5.com/csp/article/K26455071 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K26455071 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "34520974-8346-4012-B191-F9F3B49C9A87", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0B60D2B3-22C5-49CA-BB8A-7BBFE60CAFB5", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6BB42D3A-71EE-4367-9F65-86404D74E59D", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1331467F-B278-485E-AD91-7D0643C2F3DB", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "44E8F4B6-ACF1-4F2C-A2A4-DF7382CCE628", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "578794C1-5D60-4413-A713-95B1876344F9", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F90EFF1C-6B26-4419-B7B0-0AE8A34B06A1", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E5011C2D-FBB5-4117-BB97-11DE70117345", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E866C4E5-D739-4352-9B6D-9753B4C78A24", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "D1FDA72E-991D-4451-9C8E-E738F4D12728", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8DCFA856-8E59-4E79-8B42-103FACA64CC8", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8B514CBE-2906-4F1A-9A6A-F1CE46F4B1C3", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E5D00EED-F95D-4458-BDC4-3390DE85348B", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1D91EC11-DD9A-434B-9EB4-14AA0E977D8D", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "292EC144-CBA2-4275-9F70-4ED65A505B39", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "61D9F220-3F5C-4B65-8A79-DE52D3E49DED", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "C277B22C-B578-4B28-8698-0C8503CA6B23", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "6A11E433-943D-4D92-B45E-3FA268094278", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "96AA67E0-3471-4699-87A7-E47DD8E313B8", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BB76D898-4C7C-40E9-8539-E2A1BC7A5A66", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "9D5C853A-0A02-4AA9-B819-88FFD070ED48", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "BE9BAC77-AE7B-4E2B-A0B4-C9DBF627DF66", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "D4C3D6F5-D94D-46A3-991C-A11275B59F8E", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "6114B091-1612-4EA2-81D4-2E5455A345F7", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "86D68F26-EF89-4016-BD3A-637951752AAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "CE98010B-7588-4A1C-89FE-72CA9B73C57A", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5CDE9713-5E26-4B55-A4BA-C4239146C4AA", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "57CCB85A-6F90-4DB7-B0F8-AE5250E1DCFE", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "36F60067-2623-42F9-8B4F-C24F3268DDB9", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "ADAD6E9A-F8B5-4B2D-B687-AEAB518B8F19", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "D9927CE2-18D5-49D7-8331-8C97BC4CC87B", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "35D39173-BC06-409F-805F-50874376F148", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "60189636-02D6-44CA-BE2A-7777E3C409CD", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "68E2840B-96F4-4437-91D1-4AFE99E54D6A", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "23E592A7-B530-4932-A81D-D1B9ABD64047", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "A35A6B27-EC09-42BD-992A-C47A23A7B7F9", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "70FDA39F-9038-4E1F-8DF3-585565AEFD75", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2CD4DFE3-9071-4808-AE24-2CCA5DB5BA80", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B83479FA-82FB-4F71-9B98-E683745DB49E", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8E734E1C-A92F-4394-8F33-4429161BE47C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C5DD20DA-0199-4D86-BBCB-012C25BB03E1", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3C3D1516-3B4B-4A9A-AF2A-727C256C3902", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5AD75094-3248-4D37-969E-75272F6F31D6", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "15F4D416-10F4-4C08-A25D-0795F7FE0FBE", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7CF10213-FBE4-47A5-8EF2-B45BF15BEB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*", matchCriteriaId: "0BA17099-6682-4033-840D-D45157038F01", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FAEDD121-4CFD-434E-8CED-890AECFA32F6", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1160D8C7-32E7-4837-AF7B-6F056255B5A2", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "19BEAC24-16B7-4841-818D-4ECD290F7579", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FCE3B2B0-66AA-4D12-B50E-8A3525AD74F0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "E5FE59B4-25A2-4EA0-94E4-22FD07AC8C5A", versionEndIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "52670F46-9438-430A-9D16-1F10655AB7BD", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "E190B2BE-BE2F-41C9-885E-6E0951498EC7", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "1FE1518D-8F83-47E9-B183-A998FA8B7CE2", versionEndIncluding: "12.1.3", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "D6944128-3A30-4835-A125-3EA7571D7DC0", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "9F13AAF2-2AD5-4121-8ABB-919835A46BD6", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "B6893786-8F81-49B3-B66C-910E225029EC", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "79344F94-2CB8-4F08-9373-61614A38476C", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "42D16634-442B-4674-B11E-6748D28764BD", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "622C877B-760A-4C50-9FDF-998C010B864E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EF2A5505-3830-44DE-AE62-DED706A2926B", versionEndIncluding: "11.5.8", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C3B161B7-21B7-4709-94D1-FBAF196C47A0", versionEndIncluding: "11.6.3", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "397AC4A5-B67C-483B-84F7-8CB294BB460C", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E697E4FD-1882-4BF8-9B9F-FB7DFD19497B", versionEndIncluding: "13.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "80509490-50DA-42F8-8A4A-A6F6B95649BA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.", }, { lang: "es", value: "En BIG-IP, en versiones 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1 y 14.0.0-14.0.0.2, en determinadas circunstancias, los sistemas de hardware con un puente de velocidad alta que utilizan configuraciones de reenvío de la capa 2 no establecidas por defecto podrían experimentar el bloqueo de dicho puente.", }, ], id: "CVE-2019-6604", lastModified: "2024-11-21T04:46:47.310", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-28T21:29:00.663", references: [ { source: "f5sirt@f5.com", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K26455071", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K26455071", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-28 21:29
Modified
2024-11-21 04:46
Severity ?
Summary
On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests.
References
▼ | URL | Tags | |
---|---|---|---|
f5sirt@f5.com | https://support.f5.com/csp/article/K12139752 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K12139752 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "AC26EC47-DB01-45B3-BD47-848B73334A99", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6BB42D3A-71EE-4367-9F65-86404D74E59D", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E55CC546-E22D-4DD3-B0A6-9C4BC65E0951", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E021297A-FD19-446B-B526-7516503B6D24", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4049C7FF-FAE6-4377-98F9-7375D180B232", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E5011C2D-FBB5-4117-BB97-11DE70117345", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "A53D2261-716A-46D4-B1A4-1C1D84F6AF94", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9032E773-CAB2-4108-A86B-04A8383663BE", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "35519CB7-C6BD-4EBF-A75F-03A5D2B9153C", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E5D00EED-F95D-4458-BDC4-3390DE85348B", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "11719D56-D88C-4970-B89E-376D6883857B", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "51218200-4536-4ED9-AA9A-301E2B30B829", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "586A9AE0-4417-4412-B573-73217F82FF73", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "6A11E433-943D-4D92-B45E-3FA268094278", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "018D35E1-B5D0-456E-9348-79E6CD0560E2", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "57F6C963-A1BF-4579-9345-D0207269577A", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "05737070-098F-4F1B-90B1-4357A232DFB0", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "D4C3D6F5-D94D-46A3-991C-A11275B59F8E", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "9C762BE7-29D5-47B2-B3A3-8AD9646417B6", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "DC6B989A-BA55-47F5-8269-D9FA435ECC29", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2392B92F-B2A5-4548-AB20-3142D5EADE8E", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "57CCB85A-6F90-4DB7-B0F8-AE5250E1DCFE", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3CFDA5A2-FDB6-4F7A-ADC1-A1016639FCDC", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F534EADF-DA49-4EDD-97F8-C4046E890D8B", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "6B30938E-E843-4D52-8EFC-19107BCDB1D9", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "60189636-02D6-44CA-BE2A-7777E3C409CD", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "6010CA3B-B5AB-4C6B-93A9-A148207224B2", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "16F3D25A-7050-4A98-B3B5-3539FCC417AE", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2CD4DFE3-9071-4808-AE24-2CCA5DB5BA80", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B189FA9C-D989-460B-85AC-FD39F8E0259E", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B3A526B1-EB66-497F-B8B5-45205781B323", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E91FA1C5-2FC4-49F7-9AF7-A6BD446BFA2E", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5AD75094-3248-4D37-969E-75272F6F31D6", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0A2FCB-564D-4530-B642-624B6A4F1A22", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "90DBE74F-6E43-448F-9479-8FD75D5DCC22", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*", matchCriteriaId: "0711B652-EC5F-4507-BD21-C27B636DE389", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1160D8C7-32E7-4837-AF7B-6F056255B5A2", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D2E20125-7514-4B6A-845D-AFC099C6B255", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "AE90FC3A-C0B4-4CFA-80A3-929871381613", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "205B6399-2EA9-44C0-8ED7-06B3EE724AC2", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "1FE1518D-8F83-47E9-B183-A998FA8B7CE2", versionEndIncluding: "12.1.3", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "6A5F5C3E-C71C-4FBF-A2F4-68CEC90097DA", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "E6ADE585-616C-4B40-A40C-EE97A8FAC653", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "64CAD197-79F4-41AE-956C-D23DCA556A52", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "79344F94-2CB8-4F08-9373-61614A38476C", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "93B1A472-EA29-4D4E-A27E-F40B0457DE39", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "224F2348-19DC-4242-8A1E-5F5BDCB86B9C", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5DAD0B3C-4E3B-48F1-84E1-E92BE40A657F", versionEndIncluding: "11.6.3", versionStartIncluding: "11.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "397AC4A5-B67C-483B-84F7-8CB294BB460C", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C9ADB128-5666-43E7-A7FE-587BD8CF19BE", versionEndIncluding: "13.1.1.1", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B4D3A77A-89E0-44DF-AA5B-EDEBCBB63060", versionEndIncluding: "14.0.0.2", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests.", }, { lang: "es", value: "En BIG-IP, 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1 y 14.0.0-14.0.0.2, bajo ciertas circunstancias, el demonio snmpd podría divulgar memoria en un invitado BIG-IP vCMP con varios blades al procesar peticiones SNMP autorizadas.", }, ], id: "CVE-2019-6608", lastModified: "2024-11-21T04:46:47.787", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-28T21:29:00.820", references: [ { source: "f5sirt@f5.com", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K12139752", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K12139752", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }