FKIE_CVE-2019-6608
Vulnerability from fkie_nvd - Published: 2019-03-28 21:29 - Updated: 2024-11-21 04:46
Severity ?
Summary
On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests.
References
| URL | Tags | ||
|---|---|---|---|
| f5sirt@f5.com | https://support.f5.com/csp/article/K12139752 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K12139752 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC26EC47-DB01-45B3-BD47-848B73334A99",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB42D3A-71EE-4367-9F65-86404D74E59D",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E55CC546-E22D-4DD3-B0A6-9C4BC65E0951",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4049C7FF-FAE6-4377-98F9-7375D180B232",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5011C2D-FBB5-4117-BB97-11DE70117345",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A53D2261-716A-46D4-B1A4-1C1D84F6AF94",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35519CB7-C6BD-4EBF-A75F-03A5D2B9153C",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D00EED-F95D-4458-BDC4-3390DE85348B",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11719D56-D88C-4970-B89E-376D6883857B",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "586A9AE0-4417-4412-B573-73217F82FF73",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A11E433-943D-4D92-B45E-3FA268094278",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "018D35E1-B5D0-456E-9348-79E6CD0560E2",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05737070-098F-4F1B-90B1-4357A232DFB0",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C3D6F5-D94D-46A3-991C-A11275B59F8E",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C762BE7-29D5-47B2-B3A3-8AD9646417B6",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2392B92F-B2A5-4548-AB20-3142D5EADE8E",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57CCB85A-6F90-4DB7-B0F8-AE5250E1DCFE",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CFDA5A2-FDB6-4F7A-ADC1-A1016639FCDC",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B30938E-E843-4D52-8EFC-19107BCDB1D9",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60189636-02D6-44CA-BE2A-7777E3C409CD",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6010CA3B-B5AB-4C6B-93A9-A148207224B2",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F3D25A-7050-4A98-B3B5-3539FCC417AE",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD4DFE3-9071-4808-AE24-2CCA5DB5BA80",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B189FA9C-D989-460B-85AC-FD39F8E0259E",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E91FA1C5-2FC4-49F7-9AF7-A6BD446BFA2E",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD75094-3248-4D37-969E-75272F6F31D6",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0A2FCB-564D-4530-B642-624B6A4F1A22",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0711B652-EC5F-4507-BD21-C27B636DE389",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1160D8C7-32E7-4837-AF7B-6F056255B5A2",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E20125-7514-4B6A-845D-AFC099C6B255",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE90FC3A-C0B4-4CFA-80A3-929871381613",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "205B6399-2EA9-44C0-8ED7-06B3EE724AC2",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE1518D-8F83-47E9-B183-A998FA8B7CE2",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A5F5C3E-C71C-4FBF-A2F4-68CEC90097DA",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64CAD197-79F4-41AE-956C-D23DCA556A52",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79344F94-2CB8-4F08-9373-61614A38476C",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93B1A472-EA29-4D4E-A27E-F40B0457DE39",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAD0B3C-4E3B-48F1-84E1-E92BE40A657F",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "397AC4A5-B67C-483B-84F7-8CB294BB460C",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9ADB128-5666-43E7-A7FE-587BD8CF19BE",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D3A77A-89E0-44DF-AA5B-EDEBCBB63060",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests."
},
{
"lang": "es",
"value": "En BIG-IP, 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1 y 14.0.0-14.0.0.2, bajo ciertas circunstancias, el demonio snmpd podr\u00eda divulgar memoria en un invitado BIG-IP vCMP con varios blades al procesar peticiones SNMP autorizadas."
}
],
"id": "CVE-2019-6608",
"lastModified": "2024-11-21T04:46:47.787",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-28T21:29:00.820",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K12139752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K12139752"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…