CVE-2019-6629 — F5 Big-ip Global Traffic Manager vulnerability

4 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.7%

top 27.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F5 Big-ip Access Policy Manager F5 Big-ip Advanced Firewall Manager F5 Big-ip Analytics +11 more

Timeline

PublishedJul 3

Latest updateMay 24

Description

On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, there is no impact to the control plane.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages14 packages

▶NVDf5/big-ip_link_controller14.1.0.1 — 14.1.0.5

▶NVDf5/big-ip_local_traffic_manager14.1.0.1 — 14.1.0.5

▶NVDf5/big-ip_global_traffic_manager14.1.0.1 — 14.1.0.5

▶NVDf5/big-ip_websafe14.1.0.1 — 14.1.0.5

▶NVDf5/big-ip_analytics14.1.0.1 — 14.1.0.5

🔴Vulnerability Details

GHSA

GHSA-hxpv-6qpq-9fxj: On BIG-IP 14↗2022-05-24

▶

CVEList

CVE-2019-6629: On BIG-IP 14↗2019-07-03

▶

📋Vendor Advisories

CVE-2019-6629: On BIG-IP 14↗2019-07-03

▶