CVE-2019-6650F5 Big-ip Application Security Manager vulnerability

4 documents4 sources
Severity
9.1CRITICALNVD
EPSS
0.5%
top 33.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
F5 Big-ip Application Security ManagerF5 Networks Big-ip ASM
Timeline
PublishedSep 20
Latest updateMay 24

Description

F5 BIG-IP ASM 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 may expose sensitive information and allow the system configuration to be modified when using non-default settings.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages2 packages

CVEListV5f5_networks/big-ip_asm7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-cw93-7j95-j4hv: F5 BIG-IP ASM 152022-05-24
CVEList
CVE-2019-6650: F5 BIG-IP ASM 152019-09-20

📋Vendor Advisories

1
F5
CVE-2019-6650: F5 BIG-IP ASM 152019-09-20
CVE-2019-6650 — F5 vulnerability | cvebase