cbcvebase.
CVE-2019-6646
published 2019-09-04

CVE-2019-6646: On BIG-IP 11.5.2-11.6.4 and Enterprise Manager 3.1.1, REST users with guest privileges may be able to escalate their privileges and run commands with admin…

high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
On BIG-IP 11.5.2-11.6.4 and Enterprise Manager 3.1.1, REST users with guest privileges may be able to escalate their privileges and run commands with admin privileges.

Affected

41 ranges· showing 25
VendorProductVersion rangeFixed in
f5big-ip_aam
f5big-ip_access_policy_manager
f5big-ip_access_policy_manager11.5.2 – 11.6.4
f5big-ip_advanced_firewall_manager
f5big-ip_advanced_firewall_manager11.5.2 – 11.6.4
f5big-ip_afm
f5big-ip_analytics
f5big-ip_analytics
f5big-ip_analytics11.5.2 – 11.6.4
f5big-ip_apm
f5big-ip_application_acceleration_manager
f5big-ip_application_acceleration_manager11.5.2 – 11.6.4
f5big-ip_application_security_manager
f5big-ip_application_security_manager11.5.2 – 11.6.4
f5big-ip_asm
f5big-ip_dns
f5big-ip_domain_name_system
f5big-ip_domain_name_system11.5.2 – 11.6.4
f5big-ip_edge_gateway
f5big-ip_edge_gateway
f5big-ip_edge_gateway11.5.2 – 11.6.4
f5big-ip_fps
f5big-ip_fraud_protection_service
f5big-ip_fraud_protection_service11.5.2 – 11.6.4
f5big-ip_global_traffic_manager