Vulnerabilites related to f5 - big-ip_protocol_security_manager
cve-2019-6604
Vulnerability from cvelistv5
Published
2019-03-28 20:28
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K26455071 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) |
Version: 11.5.1-11.5.8 Version: 11.6.1-11.6.3.4 Version: 12.1.0-12.1.3.6 Version: 13.0.0-13.1.1.1 Version: 14.0.0-14.0.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:22.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K26455071"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"vendor": "BIG-IP",
"versions": [
{
"status": "affected",
"version": "11.5.1-11.5.8"
},
{
"status": "affected",
"version": "11.6.1-11.6.3.4"
},
{
"status": "affected",
"version": "12.1.0-12.1.3.6"
},
{
"status": "affected",
"version": "13.0.0-13.1.1.1"
},
{
"status": "affected",
"version": "14.0.0-14.0.0.2"
}
]
}
],
"datePublic": "2019-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-28T20:28:52",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.f5.com/csp/article/K26455071"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2019-6604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"version": {
"version_data": [
{
"version_value": "11.5.1-11.5.8"
},
{
"version_value": "11.6.1-11.6.3.4"
},
{
"version_value": "12.1.0-12.1.3.6"
},
{
"version_value": "13.0.0-13.1.1.1"
},
{
"version_value": "14.0.0-14.0.0.2"
}
]
}
}
]
},
"vendor_name": "BIG-IP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K26455071",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K26455071"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2019-6604",
"datePublished": "2019-03-28T20:28:52",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2024-08-04T20:23:22.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-6603
Vulnerability from cvelistv5
Published
2019-03-28 20:13
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0.1, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K14632915 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/107625 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) |
Version: 11.5.1-11.5.8 Version: 11.6.1-11.6.3 Version: 12.1.0-12.1.3 Version: 13.0.0-13.0.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:22.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K14632915"
},
{
"name": "107625",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107625"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"vendor": "BIG-IP",
"versions": [
{
"status": "affected",
"version": "11.5.1-11.5.8"
},
{
"status": "affected",
"version": "11.6.1-11.6.3"
},
{
"status": "affected",
"version": "12.1.0-12.1.3"
},
{
"status": "affected",
"version": "13.0.0-13.0.1"
}
]
}
],
"datePublic": "2019-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0.1, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-29T09:06:09",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.f5.com/csp/article/K14632915"
},
{
"name": "107625",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107625"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2019-6603",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"version": {
"version_data": [
{
"version_value": "11.5.1-11.5.8"
},
{
"version_value": "11.6.1-11.6.3"
},
{
"version_value": "12.1.0-12.1.3"
},
{
"version_value": "13.0.0-13.0.1"
}
]
}
}
]
},
"vendor_name": "BIG-IP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0.1, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K14632915",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K14632915"
},
{
"name": "107625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107625"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2019-6603",
"datePublished": "2019-03-28T20:13:08",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2024-08-04T20:23:22.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-4420
Vulnerability from cvelistv5
Published
2009-12-24 17:00
Modified
2024-08-07 07:01
Severity ?
EPSS score ?
Summary
Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1023386 | vdb-entry, x_refsource_SECTRACK | |
| https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html | x_refsource_CONFIRM | |
| http://osvdb.org/61297 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/55005 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2009/3627 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/37805 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/37452 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1023386",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
},
{
"name": "61297",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/61297"
},
{
"name": "bigip-asm-psm-bd-dos(55005)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
},
{
"name": "ADV-2009-3627",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3627"
},
{
"name": "37805",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37805"
},
{
"name": "37452",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37452"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1023386",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
},
{
"name": "61297",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/61297"
},
{
"name": "bigip-asm-psm-bd-dos(55005)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
},
{
"name": "ADV-2009-3627",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3627"
},
{
"name": "37805",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37805"
},
{
"name": "37452",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37452"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1023386",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023386"
},
{
"name": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
},
{
"name": "61297",
"refsource": "OSVDB",
"url": "http://osvdb.org/61297"
},
{
"name": "bigip-asm-psm-bd-dos(55005)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
},
{
"name": "ADV-2009-3627",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3627"
},
{
"name": "37805",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37805"
},
{
"name": "37452",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37452"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4420",
"datePublished": "2009-12-24T17:00:00",
"dateReserved": "2009-12-24T00:00:00",
"dateUpdated": "2024-08-07T07:01:20.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-6606
Vulnerability from cvelistv5
Published
2019-03-28 20:34
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K35209601 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/107636 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) |
Version: 11.5.1-11.6.3.4 Version: 12.1.0-12.1.3.7 Version: 13.0.0-13.1.1.3 Version: 14.0.0-14.0.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:22.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K35209601"
},
{
"name": "107636",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107636"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"vendor": "BIG-IP",
"versions": [
{
"status": "affected",
"version": "11.5.1-11.6.3.4"
},
{
"status": "affected",
"version": "12.1.0-12.1.3.7"
},
{
"status": "affected",
"version": "13.0.0-13.1.1.3"
},
{
"status": "affected",
"version": "14.0.0-14.0.0.2"
}
]
}
],
"datePublic": "2019-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-01T07:06:06",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.f5.com/csp/article/K35209601"
},
{
"name": "107636",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107636"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2019-6606",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"version": {
"version_data": [
{
"version_value": "11.5.1-11.6.3.4"
},
{
"version_value": "12.1.0-12.1.3.7"
},
{
"version_value": "13.0.0-13.1.1.3"
},
{
"version_value": "14.0.0-14.0.0.2"
}
]
}
}
]
},
"vendor_name": "BIG-IP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K35209601",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K35209601"
},
{
"name": "107636",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107636"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2019-6606",
"datePublished": "2019-03-28T20:34:26",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2024-08-04T20:23:22.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-6608
Vulnerability from cvelistv5
Published
2019-03-28 20:46
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K12139752 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) |
Version: 11.5.1-11.6.3 Version: 12.1.0-12.1.3 Version: 13.0.0-13.1.1.1 Version: 14.0.0-14.0.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:22.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K12139752"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"vendor": "BIG-IP",
"versions": [
{
"status": "affected",
"version": "11.5.1-11.6.3"
},
{
"status": "affected",
"version": "12.1.0-12.1.3"
},
{
"status": "affected",
"version": "13.0.0-13.1.1.1"
},
{
"status": "affected",
"version": "14.0.0-14.0.0.2"
}
]
}
],
"datePublic": "2019-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-28T20:46:53",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.f5.com/csp/article/K12139752"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2019-6608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"version": {
"version_data": [
{
"version_value": "11.5.1-11.6.3"
},
{
"version_value": "12.1.0-12.1.3"
},
{
"version_value": "13.0.0-13.1.1.1"
},
{
"version_value": "14.0.0-14.0.0.2"
}
]
}
}
]
},
"vendor_name": "BIG-IP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K12139752",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K12139752"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2019-6608",
"datePublished": "2019-03-28T20:46:53",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2024-08-04T20:23:22.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4047
Vulnerability from cvelistv5
Published
2015-05-29 15:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3272",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3272"
},
{
"name": "20150520 Re: 0-day Denial of Service in IPsec-Tools",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/May/83"
},
{
"name": "FEDORA-2015-8968",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
},
{
"name": "20150519 0-day Denial of Service in IPsec-Tools",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/May/81"
},
{
"name": "FEDORA-2015-8948",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
},
{
"name": "1032397",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032397"
},
{
"name": "[oss-security] 20150519 CVE Request: ipsec-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
},
{
"name": "74739",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74739"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
},
{
"name": "USN-2623-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2623-1"
},
{
"name": "[oss-security] 20150521 Re: CVE Request: ipsec-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K05013313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-26T14:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3272",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3272"
},
{
"name": "20150520 Re: 0-day Denial of Service in IPsec-Tools",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/May/83"
},
{
"name": "FEDORA-2015-8968",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
},
{
"name": "20150519 0-day Denial of Service in IPsec-Tools",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/May/81"
},
{
"name": "FEDORA-2015-8948",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
},
{
"name": "1032397",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032397"
},
{
"name": "[oss-security] 20150519 CVE Request: ipsec-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
},
{
"name": "74739",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74739"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
},
{
"name": "USN-2623-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2623-1"
},
{
"name": "[oss-security] 20150521 Re: CVE Request: ipsec-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K05013313"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4047",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3272",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3272"
},
{
"name": "20150520 Re: 0-day Denial of Service in IPsec-Tools",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/May/83"
},
{
"name": "FEDORA-2015-8968",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
},
{
"name": "20150519 0-day Denial of Service in IPsec-Tools",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/May/81"
},
{
"name": "FEDORA-2015-8948",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
},
{
"name": "https://www.altsci.com/ipsec/ipsec-tools-sa.html",
"refsource": "MISC",
"url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
},
{
"name": "1032397",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032397"
},
{
"name": "[oss-security] 20150519 CVE Request: ipsec-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
},
{
"name": "74739",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74739"
},
{
"name": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
},
{
"name": "USN-2623-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2623-1"
},
{
"name": "[oss-security] 20150521 Re: CVE Request: ipsec-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
},
{
"name": "https://support.f5.com/csp/article/K05013313",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K05013313"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4047",
"datePublished": "2015-05-29T15:00:00",
"dateReserved": "2015-05-20T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-6605
Vulnerability from cvelistv5
Published
2019-03-28 20:23
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K45353544 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/107629 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) |
Version: 11.5.1-11.5.8 Version: 11.6.1-11.6.3.4 Version: 12.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:22.106Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K45353544"
},
{
"name": "107629",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107629"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"vendor": "BIG-IP",
"versions": [
{
"status": "affected",
"version": "11.5.1-11.5.8"
},
{
"status": "affected",
"version": "11.6.1-11.6.3.4"
},
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"datePublic": "2019-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-29T11:06:07",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.f5.com/csp/article/K45353544"
},
{
"name": "107629",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107629"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2019-6605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"version": {
"version_data": [
{
"version_value": "11.5.1-11.5.8"
},
{
"version_value": "11.6.1-11.6.3.4"
},
{
"version_value": "12.0.0"
}
]
}
}
]
},
"vendor_name": "BIG-IP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K45353544",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K45353544"
},
{
"name": "107629",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107629"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2019-6605",
"datePublished": "2019-03-28T20:23:18",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2024-08-04T20:23:22.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2019-03-28 21:29
Modified
2024-11-21 04:46
Severity ?
Summary
On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securityfocus.com/bid/107636 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K35209601 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107636 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K35209601 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF272B0-259D-4913-95AE-8621A3766FB0",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64B57535-53C6-44FC-815D-531F3FB4797E",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A33F717-7779-4998-B7D0-FEAD57F918EC",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8703B033-3A20-47A0-82DA-3ABC7578DFBB",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC6246F-635B-45F4-ACF1-CBEF25FEB2DF",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89F0F227-3865-442E-8FC5-282DEA1FC528",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A38AE898-8C76-4CF6-A79B-973D2CF756DE",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDA13E3-2F05-447F-9F03-63A1BFEC904B",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26A1FB10-2614-4A8B-B31C-69E90EBB6EBB",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D93B9D87-0EB8-4011-A106-4F835639EE70",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "056366BD-1F72-4DAF-8C0A-7B5C15054C8D",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87AF9718-1B10-475C-B596-64A553C8502C",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF42EB5-FEB7-455B-A426-9084493A7606",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "579E04C5-EDD5-457A-ADEE-9E3B7E2F17A4",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7F21417-F817-462C-8CD8-E64623D45B9B",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CE084F-4A02-4BFE-AE40-2AC12EC1616B",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECA81A2E-33BE-45A5-8148-1DF189FC9879",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D09A0C39-32DF-4607-8712-8937CC6AF60A",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4987B39-619F-4599-8740-98358B6DDDF9",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DBD5C1-EF87-43F5-A319-304D6C1849D2",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29E6014A-CA29-408A-A7B2-13FBFD0694A8",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E2985B9-6EC3-4611-98EB-CAD506CA8A99",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5D0E6B-7DB1-48F3-A1AE-2AC7B5EF778B",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E08A936-5CB0-44D3-89B8-F768CD8AD264",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E80D9241-E826-4E4B-B4CD-D81B149AFAE1",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF9BF9FD-3FFE-4185-A089-89100C0A446C",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95A324A2-741F-497E-AA95-6A737FE9633E",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D6D7537-A296-435B-AAC4-B12D5BCA8124",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "918D80CC-E31A-42B5-A1A8-55189FE841FE",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "326EB203-8816-4091-96EF-70F4DBFBDD6D",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE90FC3A-C0B4-4CFA-80A3-929871381613",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B88D9922-D4A3-4002-BCA6-B1BC926A8672",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328B0CE8-4609-4D5F-981F-FB6C24E43730",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C81CBDB8-86A5-4A48-A7E1-F9B5239B6EAC",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85D8D4F-8C69-4409-8561-F1621855B7FB",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "007DDA3E-BAE5-4EC7-BECA-AB87CFEA1E87",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1A16FC6-73F3-4D95-99A2-CAD5C3F7BD71",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13FD61C2-B588-415F-9E0D-C47D74D919A0",
"versionEndIncluding": "11.6.3.4",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "768D6729-24D0-47C5-A905-9AF1E5ACBE85",
"versionEndIncluding": "12.1.3.7",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52ABEB1F-5C4E-4CEE-8852-4D664BC320E6",
"versionEndIncluding": "13.1.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D3A77A-89E0-44DF-AA5B-EDEBCBB63060",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory."
},
{
"lang": "es",
"value": "EN BIG-IP, en versiones 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3 y 14.0.0-14.0.0.2, al procesar determinadas peticiones SNMP con un \"request-id\" de 0, el proceso snmpd puede divulgar una peque\u00f1a cantidad de memoria."
}
],
"id": "CVE-2019-6606",
"lastModified": "2024-11-21T04:46:47.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-28T21:29:00.743",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107636"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K35209601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K35209601"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-28 21:29
Modified
2024-11-21 04:46
Severity ?
Summary
In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0.1, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securityfocus.com/bid/107625 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K14632915 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107625 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K14632915 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5917BC9C-20D5-46B1-8CAE-FF13944A6826",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC4967B-F2FC-4A94-8A6D-469D5B9F98AA",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB42D3A-71EE-4367-9F65-86404D74E59D",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D851DC0C-616D-4274-9CAF-5CBDB0E6CD14",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CBAF023-ECDC-46AA-877C-FEC138154BF9",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2749969B-5CDD-42A4-9DE3-DE111D41969F",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5011C2D-FBB5-4117-BB97-11DE70117345",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D22FE2C-CC72-42C8-B68B-CEBE002D0787",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B08497-08EC-4841-A3CE-CD8ABFEF5776",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14E85172-80FB-4A48-A02F-B2BCEEEFD764",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D00EED-F95D-4458-BDC4-3390DE85348B",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "988EB5E2-6099-41A5-BE4F-CA3999C335AE",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7325E534-6B65-49B8-988A-DE697261FF8E",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13414479-696D-41FB-919F-783741919610",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A11E433-943D-4D92-B45E-3FA268094278",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA780928-B3CA-42A5-B39B-B07F64733B52",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC16DB86-DCA7-4E8F-A14E-19CD56860700",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A6391D-E411-472A-A714-88D435789095",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C3D6F5-D94D-46A3-991C-A11275B59F8E",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCA2B639-DDB9-49B8-B792-5C8D0454FD03",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED5BCF6-E0BB-4EC9-B5E2-C4AF013BB074",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "288029B5-863C-492C-83A6-C206A85201ED",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57CCB85A-6F90-4DB7-B0F8-AE5250E1DCFE",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2564C2-BD67-4DDE-A122-74F7E6C22318",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18635B65-806D-4F10-A853-87F870E981F7",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73EFB5D4-2BB0-402C-8CE2-5F33A68C42AD",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60189636-02D6-44CA-BE2A-7777E3C409CD",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACAA88B-9AFB-4D06-91CB-F73070FFFFD9",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBAB68BD-C800-46A8-8FC7-87AAE84EE4C4",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB73A745-E16B-4084-8CBE-FBBF8F52E72E",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD4DFE3-9071-4808-AE24-2CCA5DB5BA80",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "733198D0-FF68-410D-86B9-21CE3C353916",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "858B5DF1-A47F-467D-958D-77F5041BDB0A",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4016BD06-2BC7-4CBD-806F-2ED718E2418C",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD75094-3248-4D37-969E-75272F6F31D6",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03A2FE7F-4668-47E5-906D-F89AEBC30545",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60A7F3D6-8E27-4226-A30E-FE285D269FF4",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE827D8E-CD6E-430B-AF9F-C0BCF7373E0E",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1160D8C7-32E7-4837-AF7B-6F056255B5A2",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD4ACCC-DC43-4AF4-AB71-86A0EBCE194F",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E52F2B50-314C-4F02-AF3B-EAF8109A5B04",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD85C59D-43E8-4091-B0F6-5ACC40CC7257",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE1518D-8F83-47E9-B183-A998FA8B7CE2",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10B05525-4E48-4627-AF46-2A07D7DBFF32",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF3D694-93F5-4929-A9C0-BC2D7E9C3252",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5455A25-7557-4801-BC0F-8E78149A883C",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79344F94-2CB8-4F08-9373-61614A38476C",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBA0EE3-7A16-49CB-BE53-4E371AA4111F",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E1A42AA-059E-48D2-8564-6886CB48C41A",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "961AFB08-734F-4C41-BE91-B4649B23E45F",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "397AC4A5-B67C-483B-84F7-8CB294BB460C",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C56B7CD3-4224-4CF8-8FAB-9F44DAC1BE3F",
"versionEndIncluding": "13.0.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0.1, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs."
},
{
"lang": "es",
"value": "En BP, en versiones 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3 y 13.0.0-13.0.1, los paquetes TCP mal formados enviados a una direcci\u00f3n IP propia o a un servidor virtual FastL4 podr\u00edan provocar una interrupci\u00f3n en el servicio. El plano de control no se ha visto expuesto a este problema. Este problema impacta a los servidores virtuales y a las IP propias del plano de datos."
}
],
"id": "CVE-2019-6603",
"lastModified": "2024-11-21T04:46:47.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-28T21:29:00.633",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107625"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K14632915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K14632915"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-28 21:29
Modified
2024-11-21 04:46
Severity ?
Summary
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securityfocus.com/bid/107629 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K45353544 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107629 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K45353544 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC90E910-6E08-4D41-934F-6D1C4CC1BA72",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B5ED0C3-7E6F-45FB-BFAC-71B77132D95B",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82DA9C55-1423-47E2-B1C6-4EC7338C5BB6",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08C32055-1795-4E4E-9C41-EDA32D8EF115",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7A40635-17AF-4173-AE4E-D4207FEA888F",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "297BBFB8-43E0-421B-B0F9-03C4A701796D",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA659989-316F-4CA3-A735-E6B90D5330D0",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0B5E9E-F3E0-4B46-8881-A8A09781D7CA",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4324996C-61A1-4903-ADD9-57665D8A8792",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC1011E-6181-4E12-953E-A86984EEF565",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62F3C18D-06E2-49FC-AD61-73BBD49594F6",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050F2924-F037-40C1-91D5-8AAE5D04C5CE",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2A2DF05-A5FC-44F2-9F4B-418568F51DD2",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4492163B-7B42-40C1-8C91-990AD529C19C",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "594447D1-3366-46BE-AFD4-587D195FB9BF",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8ADAED3-44EA-4CA8-BAC9-DBAF0DC3374D",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75CDEE23-33A4-4367-813B-21F0011F42E5",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30DE83C7-D98E-4155-A9BC-B02A3E92DCFD",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9599203-C7F7-44FF-A64B-C391EA90C486",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6630C351-9F64-4AAB-87D2-1980471C34E9",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BEBE8BA-1395-4304-91B9-8A6F458FDF37",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F4475CF-0CC9-40C1-B49C-9583964C3B4D",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE773753-5213-4AD6-AEFE-3F4878237752",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF9F6C2-2798-4012-96A8-CA0CCFDBBBD1",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2696A042-D2C5-4EF2-AF06-99C2C3AAC6A4",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EB16A5-CE35-4D0C-9B6F-5DBAD8A0115E",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23EF00D2-73BA-4628-B85A-3C733C266FB2",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C92DD4DF-DB93-424A-9F2B-97BE90F95C04",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB1C6C08-58D1-4132-9E8B-8AD89323EAB5",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F699D81-BF49-4584-A538-E3C9FD51A3F3",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B10D3F14-3996-452D-8942-9F4BE5CFF0FE",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41BB68CE-FE2F-427E-BF59-987B42F853E8",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3831DDA-D376-47E2-82D7-D5A316A2CB22",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39319EBA-C004-4F9F-B534-AE553F14CB3E",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6238331B-22F9-437D-92E9-67217910CC6C",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31F91152-D9CF-4444-A3A0-81AAF335226E",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C52A77-A69C-42D4-BD1C-85AE831A7119",
"versionEndExcluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD07C3A4-E070-4C97-B78D-2360664335F1",
"versionEndExcluding": "11.6.4",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64AEA4EA-C960-4D68-87DF-52A686773D72",
"versionEndExcluding": "12.1.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service."
},
{
"lang": "es",
"value": "En BIG-IP, en versiones 11.5.1-11.5.8, 11.6.1-11.6.3 y 12.0.x, una secuencia no revelada de paquetes recibidos desde un servidor SSL virtual que son procesados por un SSL cliente asociado o perfil SSL del servidor podr\u00eda conducir a una denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2019-6605",
"lastModified": "2024-11-21T04:46:47.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-28T21:29:00.710",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107629"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K45353544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K45353544"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-28 21:29
Modified
2024-11-21 04:46
Severity ?
Summary
On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | https://support.f5.com/csp/article/K12139752 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K12139752 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC26EC47-DB01-45B3-BD47-848B73334A99",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB42D3A-71EE-4367-9F65-86404D74E59D",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E55CC546-E22D-4DD3-B0A6-9C4BC65E0951",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4049C7FF-FAE6-4377-98F9-7375D180B232",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5011C2D-FBB5-4117-BB97-11DE70117345",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A53D2261-716A-46D4-B1A4-1C1D84F6AF94",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35519CB7-C6BD-4EBF-A75F-03A5D2B9153C",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D00EED-F95D-4458-BDC4-3390DE85348B",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11719D56-D88C-4970-B89E-376D6883857B",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "586A9AE0-4417-4412-B573-73217F82FF73",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A11E433-943D-4D92-B45E-3FA268094278",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "018D35E1-B5D0-456E-9348-79E6CD0560E2",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05737070-098F-4F1B-90B1-4357A232DFB0",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C3D6F5-D94D-46A3-991C-A11275B59F8E",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C762BE7-29D5-47B2-B3A3-8AD9646417B6",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2392B92F-B2A5-4548-AB20-3142D5EADE8E",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57CCB85A-6F90-4DB7-B0F8-AE5250E1DCFE",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CFDA5A2-FDB6-4F7A-ADC1-A1016639FCDC",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B30938E-E843-4D52-8EFC-19107BCDB1D9",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60189636-02D6-44CA-BE2A-7777E3C409CD",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6010CA3B-B5AB-4C6B-93A9-A148207224B2",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16F3D25A-7050-4A98-B3B5-3539FCC417AE",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD4DFE3-9071-4808-AE24-2CCA5DB5BA80",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B189FA9C-D989-460B-85AC-FD39F8E0259E",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E91FA1C5-2FC4-49F7-9AF7-A6BD446BFA2E",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD75094-3248-4D37-969E-75272F6F31D6",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0A2FCB-564D-4530-B642-624B6A4F1A22",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0711B652-EC5F-4507-BD21-C27B636DE389",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1160D8C7-32E7-4837-AF7B-6F056255B5A2",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E20125-7514-4B6A-845D-AFC099C6B255",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE90FC3A-C0B4-4CFA-80A3-929871381613",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "205B6399-2EA9-44C0-8ED7-06B3EE724AC2",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE1518D-8F83-47E9-B183-A998FA8B7CE2",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A5F5C3E-C71C-4FBF-A2F4-68CEC90097DA",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64CAD197-79F4-41AE-956C-D23DCA556A52",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79344F94-2CB8-4F08-9373-61614A38476C",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93B1A472-EA29-4D4E-A27E-F40B0457DE39",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAD0B3C-4E3B-48F1-84E1-E92BE40A657F",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "397AC4A5-B67C-483B-84F7-8CB294BB460C",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9ADB128-5666-43E7-A7FE-587BD8CF19BE",
"versionEndIncluding": "13.1.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D3A77A-89E0-44DF-AA5B-EDEBCBB63060",
"versionEndIncluding": "14.0.0.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests."
},
{
"lang": "es",
"value": "En BIG-IP, 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1 y 14.0.0-14.0.0.2, bajo ciertas circunstancias, el demonio snmpd podr\u00eda divulgar memoria en un invitado BIG-IP vCMP con varios blades al procesar peticiones SNMP autorizadas."
}
],
"id": "CVE-2019-6608",
"lastModified": "2024-11-21T04:46:47.787",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-28T21:29:00.820",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K12139752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K12139752"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-12-24 17:30
Modified
2024-11-21 01:09
Severity ?
Summary
Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | big-ip_protocol_security_module | 10.0.0 | |
| f5 | big-ip_application_security_manager | 9.4.4 | |
| f5 | big-ip_application_security_manager | 9.4.5 | |
| f5 | big-ip_application_security_manager | 9.4.6 | |
| f5 | big-ip_application_security_manager | 9.4.7 | |
| f5 | big-ip_application_security_manager | 10.0.0 | |
| f5 | big-ip_application_security_manager | 10.0.1 | |
| f5 | big-ip_protocol_security_manager | 9.4.5 | |
| f5 | big-ip_protocol_security_manager | 9.4.6 | |
| f5 | big-ip_protocol_security_manager | 9.4.7 | |
| f5 | big-ip_protocol_security_manager | 10.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CEABC433-37BD-4A53-A872-92564807F022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "409B66AC-292F-426D-A908-D6D865A25CA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA4B9A-B1FB-4273-A0B3-A69F49D940D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "44D22108-C65D-4BB4-8141-B05F053863BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B42FE789-9F15-4450-B1B8-7D2A044A26A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B598A78-EF2C-461F-844E-84B0971A2F5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5AE2CC21-3B8B-443B-A427-482B8A9D80DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50191BEE-7001-43DC-8AEE-01E233594752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "178C7BDD-639E-4472-BEDE-9187CD50DA4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "07B38707-9BD0-4E41-93A4-CCDDF1E8BC73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en el demonio bd en F5 Networks BIG-IP Application Security Manager (ASM) v9.4.4 hasta v9.4.7 y v10.0.0 hasta v10.0.1, y Protocol Security Manager (PSM) v9.4.5 hasta v9.4.7 y v10.0.0 hasta v10.0.1, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de vectores desconocidos. NOTA: algunos de estos detalles se han obtenido de informaci\u00f3n de terceros."
}
],
"id": "CVE-2009-4420",
"lastModified": "2024-11-21T01:09:36.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-12-24T17:30:00.280",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/61297"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37805"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/37452"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023386"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3627"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
},
{
"source": "cve@mitre.org",
"url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/61297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/37452"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-28 21:29
Modified
2024-11-21 04:46
Severity ?
Summary
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | https://support.f5.com/csp/article/K26455071 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K26455071 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34520974-8346-4012-B191-F9F3B49C9A87",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B60D2B3-22C5-49CA-BB8A-7BBFE60CAFB5",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB42D3A-71EE-4367-9F65-86404D74E59D",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1331467F-B278-485E-AD91-7D0643C2F3DB",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44E8F4B6-ACF1-4F2C-A2A4-DF7382CCE628",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "578794C1-5D60-4413-A713-95B1876344F9",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F90EFF1C-6B26-4419-B7B0-0AE8A34B06A1",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5011C2D-FBB5-4117-BB97-11DE70117345",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E866C4E5-D739-4352-9B6D-9753B4C78A24",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D1FDA72E-991D-4451-9C8E-E738F4D12728",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DCFA856-8E59-4E79-8B42-103FACA64CC8",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B514CBE-2906-4F1A-9A6A-F1CE46F4B1C3",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D00EED-F95D-4458-BDC4-3390DE85348B",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D91EC11-DD9A-434B-9EB4-14AA0E977D8D",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "292EC144-CBA2-4275-9F70-4ED65A505B39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61D9F220-3F5C-4B65-8A79-DE52D3E49DED",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C277B22C-B578-4B28-8698-0C8503CA6B23",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A11E433-943D-4D92-B45E-3FA268094278",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96AA67E0-3471-4699-87A7-E47DD8E313B8",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB76D898-4C7C-40E9-8539-E2A1BC7A5A66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5C853A-0A02-4AA9-B819-88FFD070ED48",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9BAC77-AE7B-4E2B-A0B4-C9DBF627DF66",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C3D6F5-D94D-46A3-991C-A11275B59F8E",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6114B091-1612-4EA2-81D4-2E5455A345F7",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "86D68F26-EF89-4016-BD3A-637951752AAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE98010B-7588-4A1C-89FE-72CA9B73C57A",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CDE9713-5E26-4B55-A4BA-C4239146C4AA",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57CCB85A-6F90-4DB7-B0F8-AE5250E1DCFE",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36F60067-2623-42F9-8B4F-C24F3268DDB9",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ADAD6E9A-F8B5-4B2D-B687-AEAB518B8F19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9927CE2-18D5-49D7-8331-8C97BC4CC87B",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35D39173-BC06-409F-805F-50874376F148",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60189636-02D6-44CA-BE2A-7777E3C409CD",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68E2840B-96F4-4437-91D1-4AFE99E54D6A",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23E592A7-B530-4932-A81D-D1B9ABD64047",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A35A6B27-EC09-42BD-992A-C47A23A7B7F9",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70FDA39F-9038-4E1F-8DF3-585565AEFD75",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD4DFE3-9071-4808-AE24-2CCA5DB5BA80",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B83479FA-82FB-4F71-9B98-E683745DB49E",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E734E1C-A92F-4394-8F33-4429161BE47C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DD20DA-0199-4D86-BBCB-012C25BB03E1",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3D1516-3B4B-4A9A-AF2A-727C256C3902",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD75094-3248-4D37-969E-75272F6F31D6",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15F4D416-10F4-4C08-A25D-0795F7FE0FBE",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF10213-FBE4-47A5-8EF2-B45BF15BEB6D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BA17099-6682-4033-840D-D45157038F01",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAEDD121-4CFD-434E-8CED-890AECFA32F6",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1160D8C7-32E7-4837-AF7B-6F056255B5A2",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19BEAC24-16B7-4841-818D-4ECD290F7579",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE3B2B0-66AA-4D12-B50E-8A3525AD74F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5FE59B4-25A2-4EA0-94E4-22FD07AC8C5A",
"versionEndIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52670F46-9438-430A-9D16-1F10655AB7BD",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E190B2BE-BE2F-41C9-885E-6E0951498EC7",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE1518D-8F83-47E9-B183-A998FA8B7CE2",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6944128-3A30-4835-A125-3EA7571D7DC0",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F13AAF2-2AD5-4121-8ABB-919835A46BD6",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6893786-8F81-49B3-B66C-910E225029EC",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79344F94-2CB8-4F08-9373-61614A38476C",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42D16634-442B-4674-B11E-6748D28764BD",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "622C877B-760A-4C50-9FDF-998C010B864E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF2A5505-3830-44DE-AE62-DED706A2926B",
"versionEndIncluding": "11.5.8",
"versionStartIncluding": "11.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3B161B7-21B7-4709-94D1-FBAF196C47A0",
"versionEndIncluding": "11.6.3",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "397AC4A5-B67C-483B-84F7-8CB294BB460C",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E697E4FD-1882-4BF8-9B9F-FB7DFD19497B",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "80509490-50DA-42F8-8A4A-A6F6B95649BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge."
},
{
"lang": "es",
"value": "En BIG-IP, en versiones 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1 y 14.0.0-14.0.0.2, en determinadas circunstancias, los sistemas de hardware con un puente de velocidad alta que utilizan configuraciones de reenv\u00edo de la capa 2 no establecidas por defecto podr\u00edan experimentar el bloqueo de dicho puente."
}
],
"id": "CVE-2019-6604",
"lastModified": "2024-11-21T04:46:47.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-28T21:29:00.663",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K26455071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K26455071"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-29 15:59
Modified
2024-11-21 02:30
Severity ?
Summary
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F6D424-26B7-4CD2-80B4-96FBA9E2FA5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55C26031-A354-4E19-A1C3-415336B2E7C5",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9AF8FC-B730-428D-B317-86ABEF924299",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A53BE5FB-7405-4952-B3BD-6B0B8213F98A",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2670B3-1A96-4E72-A316-0AF826E8EC8B",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7D64DC-7271-4617-BD46-99C8246779CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69FBB7A9-69E7-4E84-ABBF-3430FA4FB757",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD67D31-7FB8-4A3F-915D-385617E21428",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C4E5F36-434B-48E1-9715-4EEC22FB23D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9970DEE7-9ED1-496F-A5DD-D41A0E13968E",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2620230F-1D8D-423D-953E-9EEF934C56DD",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34D75E7F-B65F-421D-92EE-6B20756019C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1488BC3-CBE9-4944-8573-D7EBE36713B8",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17D2F203-B830-42E5-AE54-17453F72A45D",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCF89E7C-806E-4800-BAA9-0225433B6C56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79157FB3-C12D-4E05-81A3-776381822B2F",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "283155E5-EEAB-4E05-A0E7-B9C5077A5029",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7569977A-E567-4115-B00C-4B0CBA86582E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E90D8985-EDE3-4613-9B4A-E3929D1D3721",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2F72B2-84F2-4FA2-9B53-E98344235EB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A3BBF17-573E-430A-86CB-A9A2A47940E3",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEB08984-6E30-41C0-B283-66D2AAE1E8B7",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72ED4B6A-EC5B-400E-88B7-6C986FC5BC4F",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C4414E-8016-48B5-8CC3-F97FF2D85922",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E859BDBF-D0E7-4621-83F3-4079EEB111BC",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37257612-FAA4-4004-A4D3-4624F06F0615",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42821916-E601-4831-B37B-3202ACF2C562",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96B6E81C-8DCA-4560-ABD7-8FB73FBE3824",
"versionEndIncluding": "11.4.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
"versionEndIncluding": "3.1.1",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests."
},
{
"lang": "es",
"value": "racoon/gssapi.c en IPsec-Tools 0.8.2 permite a atacantes remotos causar una denegaci\u00f3n de servicios (referencia a puntero nulo y ca\u00edda de demonio IKE) a trav\u00e9s de una serie de solicitudes UDP manipuladas."
}
],
"id": "CVE-2015-4047",
"lastModified": "2024-11-21T02:30:21.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-29T15:59:19.030",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/May/81"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/May/83"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3272"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74739"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032397"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2623-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K05013313"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/May/81"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/May/83"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2623-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K05013313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}