CVE-2019-6652
published 2019-09-25CVE-2019-6652: In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any form of Transport Layer Security (TLS).
medium6.5CVSS 3.1
AVNACLPRNUINSUCLILAN
In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any form of Transport Layer Security (TLS).
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-iq | — | — |
| f5 | big-iq_centralized_management | — | — |
| f5 | big-iq_centralized_management | 6.0.0 – 6.1.0 | — |