CVE-2019-6664

{"id": "CVE-2019-6664", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-11-15T21:15:11.557", "references": [{"url": "https://support.f5.com/csp/article/K03126093", "tags": ["Vendor Advisory"], "source": "f5sirt@f5.com"}, {"url": "https://support.f5.com/csp/article/K03126093", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices."}, {"lang": "es", "value": "En BIG-IP versiones 15.0.0 y versiones 14.1.0 hasta 14.1.0.6, bajo determinadas condiciones, las protecciones de red en el puerto de administraci\u00f3n no siguen las mejores pr\u00e1cticas actuales."}], "lastModified": "2024-11-21T04:46:54.733", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A872294-C7E5-497E-9552-D66E9CC2FE29", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1604BEF8-D477-42D7-90C6-94E91CB4795E", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FF1C75A-F753-40CB-9E26-DA6D31931DDC"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69312D88-C3EE-4E1C-8A75-223F768A16F9", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EACA0835-51AD-4AC0-8C87-5564F3A821CD"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD31C9B9-5FA6-4625-BC1A-2F0CABBCE115", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8C7C45A-CC14-4092-903C-3001986D2859"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52F87F8E-8367-4494-901C-307924DDE3EB", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E526C8EB-B685-4DDD-9DF5-88512D2D4662", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA4AE425-1D86-4DB9-8B8F-74C6678BD528"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CBA69D7-13CB-43AB-9CA5-773327444562", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA4F1CFB-0FD9-4AEB-BF25-093115F9D891"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4679F821-AB5A-4AA4-BBEE-F9697239D036", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12F0D363-0DE8-4E32-9187-D7ACA0868BD8"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55D5080C-3A93-4FE1-85DE-97E1932C1C75", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3879431-2E02-4B6C-BB4F-C2FF631A0974"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A53CA87D-1FED-49D5-8165-489E6D2E7CD7", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "616FCF83-B8BD-4EEC-BE2D-4E90DD627A7F", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FB6D7D8-2688-48A2-8E3E-341881EF0B4C"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A953010-C7F4-4315-B357-CE37101AE356", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B872A0D5-9B23-40F2-8AAB-253A4F406D18"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2039B56E-1F28-49AF-B080-A130E61D3C61", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45D0AF1B-9106-4C38-B1A2-87FC189ADBAB"}], "operator": "OR"}]}], "sourceIdentifier": "f5sirt@f5.com"}