CVE-2019-6628

4 documents4 sources
Severity
7.5HIGH
EPSS
0.9%
top 24.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
F5 Big-ip Policy Enforcement ManagerF5 Big-ip PEM
Timeline
PublishedJul 3
Latest updateMay 24

Description

On BIG-IP PEM 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, under certain conditions, the TMM process may terminate and restart while processing BIG-IP PEM traffic with the OpenVPN classifier.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDf5/big-ip_policy_enforcement_manager14.0.014.0.0.4+1
CVEListV5f5/big-ip_pem14.0.0-14.0.0.4, BIG-IP PEM 14.1.0-14.1.0.5+1

🔴Vulnerability Details

2
GHSA
GHSA-r48g-4538-wvgc: On BIG-IP PEM 142022-05-24
CVEList
CVE-2019-6628: On BIG-IP PEM 142019-07-03

📋Vendor Advisories

1
F5
CVE-2019-6628: On BIG-IP PEM 142019-07-03
CVE-2019-6628 (HIGH CVSS 7.5) | On BIG-IP PEM 14.1.0-14.1.0.5 and 1 | cvebase.io