var-201909-0076
Vulnerability from variot
F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings. plural F5 BIG-IP The product contains an information disclosure vulnerability.Information may be obtained and information may be altered. Both F5 BIG-IP and F5 Enterprise Manager are products of the US company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 Enterprise Manager is a tool that provides visibility into the entire BIG-IP application delivery infrastructure and optimizes application performance. Security vulnerabilities exist in F5 BIG-IP and F5 Enterprise Manager. An attacker could exploit this vulnerability to disclose sensitive information and modify system configurations. The following products and versions are affected: F5 BIG-IP version 15.0.0, version 14.1.0 to version 14.1.0.6, version 14.0.0 to version 14.0.0.5, version 13.0.0 to version 13.1.1.5, version 12.1.0 to version 12.1.4.1, version 11.6.0 to version 11.6.4, version 11.5.1 to version 11.5.9; Enterprise Manager version 3.1.1
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201909-0076", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "big-ip fraud protection service", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip global traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip application acceleration manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip domain name system", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip application security manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip edge gateway", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip analytics", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip webaccelerator", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip local traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip domain name system", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip global traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip fraud protection service", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip application security manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip global traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip analytics", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip edge gateway", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip edge gateway", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip webaccelerator", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip link controller", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip edge gateway", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip domain name system", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip domain name system", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip link controller", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip webaccelerator", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip application security manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip domain name system", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip analytics", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip analytics", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip policy enforcement manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip domain name system", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip access policy manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip fraud protection service", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip advanced firewall manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip advanced firewall manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip webaccelerator", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip link controller", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip link controller", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip access policy manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip edge gateway", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip fraud protection service", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip webaccelerator", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip access policy manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip advanced firewall manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip fraud protection service", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip global traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip local traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip fraud protection service", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip advanced firewall manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip global traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip link controller", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip application acceleration manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip edge gateway", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip policy enforcement manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip webaccelerator", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip edge gateway", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip webaccelerator", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip link controller", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip webaccelerator", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip link controller", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.5.2" }, { "model": "big-ip application security manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.0.0" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip domain name system", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip global traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip local traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip application acceleration manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip policy enforcement manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip application acceleration manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "12.1.4" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip policy enforcement manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.5.9" }, { "model": "big-ip edge gateway", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "11.6.4" }, { "model": "big-ip access policy manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip enterprise manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "3.1.1" }, { "model": "big-ip fraud protection service", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip global traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip local traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.1" }, { "model": "big-ip access policy manager", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip advanced firewall manager", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip analytics", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip application security manager", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip domain name system", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip edge gateway", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip fraud protection service", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip global traffic manager", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip link controller", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip local traffic manager", "scope": null, "trust": 0.8, "vendor": "f5", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-010088" }, { "db": "NVD", "id": "CVE-2019-6649" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-6649" } ] }, "cve": "CVE-2019-6649", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 4.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2019-6649", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-158084", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 5.2, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 9.1, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-6649", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-6649", "trust": 1.8, "value": "CRITICAL" }, { "author": "CNNVD", "id": "CNNVD-201909-1011", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-158084", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-158084" }, { "db": "JVNDB", "id": "JVNDB-2019-010088" }, { "db": "NVD", "id": "CVE-2019-6649" }, { "db": "CNNVD", "id": "CNNVD-201909-1011" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings. plural F5 BIG-IP The product contains an information disclosure vulnerability.Information may be obtained and information may be altered. Both F5 BIG-IP and F5 Enterprise Manager are products of the US company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 Enterprise Manager is a tool that provides visibility into the entire BIG-IP application delivery infrastructure and optimizes application performance. Security vulnerabilities exist in F5 BIG-IP and F5 Enterprise Manager. An attacker could exploit this vulnerability to disclose sensitive information and modify system configurations. The following products and versions are affected: F5 BIG-IP version 15.0.0, version 14.1.0 to version 14.1.0.6, version 14.0.0 to version 14.0.0.5, version 13.0.0 to version 13.1.1.5, version 12.1.0 to version 12.1.4.1, version 11.6.0 to version 11.6.4, version 11.5.1 to version 11.5.9; Enterprise Manager version 3.1.1", "sources": [ { "db": "NVD", "id": "CVE-2019-6649" }, { "db": "JVNDB", "id": "JVNDB-2019-010088" }, { "db": "VULHUB", "id": "VHN-158084" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-6649", "trust": 2.5 }, { "db": "JVNDB", "id": "JVNDB-2019-010088", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201909-1011", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2020-61643", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-158084", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158084" }, { "db": "JVNDB", "id": "JVNDB-2019-010088" }, { "db": "NVD", "id": "CVE-2019-6649" }, { "db": "CNNVD", "id": "CNNVD-201909-1011" } ] }, "id": "VAR-201909-0076", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-158084" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:33:22.596000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "K05123525", "trust": 0.8, "url": "https://support.f5.com/csp/article/k05123525" }, { "title": "F5 BIG-IP and F5 Enterprise Manager Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=98477" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-010088" }, { "db": "CNNVD", "id": "CNNVD-201909-1011" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-200", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158084" }, { "db": "JVNDB", "id": "JVNDB-2019-010088" }, { "db": "NVD", "id": "CVE-2019-6649" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://support.f5.com/csp/article/k05123525" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6649" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6649" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/f5-big-ip-configuration-corruption-via-configsync-30371" } ], "sources": [ { "db": "VULHUB", "id": "VHN-158084" }, { "db": "JVNDB", "id": "JVNDB-2019-010088" }, { "db": "NVD", "id": "CVE-2019-6649" }, { "db": "CNNVD", "id": "CNNVD-201909-1011" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-158084" }, { "db": "JVNDB", "id": "JVNDB-2019-010088" }, { "db": "NVD", "id": "CVE-2019-6649" }, { "db": "CNNVD", "id": "CNNVD-201909-1011" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-09-20T00:00:00", "db": "VULHUB", "id": "VHN-158084" }, { "date": "2019-10-04T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-010088" }, { "date": "2019-09-20T20:15:11.383000", "db": "NVD", "id": "CVE-2019-6649" }, { "date": "2019-09-20T00:00:00", "db": "CNNVD", "id": "CNNVD-201909-1011" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-08-24T00:00:00", "db": "VULHUB", "id": "VHN-158084" }, { "date": "2019-10-04T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-010088" }, { "date": "2020-08-24T17:37:01.140000", "db": "NVD", "id": "CVE-2019-6649" }, { "date": "2020-08-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201909-1011" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201909-1011" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural F5 BIG-IP Information disclosure vulnerability in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-010088" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-201909-1011" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.