CVE-2019-6590 — F5 Big-ip Local Traffic Manager vulnerability

4 documents4 sources

Severity

5.9MEDIUMNVD

EPSS

0.6%

top 31.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F5 Big-ip Local Traffic Manager F5 Networks INC Big-ip

Timeline

PublishedFeb 5

Latest updateMay 13

Description

On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

▶NVDf5/big-ip_local_traffic_manager11.5.1 — 11.6.3+2

▶CVEListV5f5_networks_inc/big-ip13.0.0-13.0.1, 12.1.0-12.1.3.6

🔴Vulnerability Details

GHSA

GHSA-9652-xrw4-5wc5: On BIG-IP LTM 13↗2022-05-13

▶

CVEList

CVE-2019-6590: On BIG-IP LTM 13↗2019-02-05

▶

📋Vendor Advisories

CVE-2019-6590: On BIG-IP LTM 13↗2019-02-05

▶