CVE-2019-6654
published 2019-09-25CVE-2019-6654: On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (As defined in RFC…
medium4.3CVSS 3.1
AVAACLPRNUINSUCNILAN
On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (As defined in RFC 1812 section 5.3.7) on the control plane (management interface). This may allow attackers on an adjacent system to force BIG-IP into processing packets with spoofed source addresses.
Affected
66 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-ip_aam | — | — |
| f5 | big-ip_access_policy_manager | 11.5.1 – 11.6.5 | — |
| f5 | big-ip_access_policy_manager | 12.1.0 – 12.1.5 | — |
| f5 | big-ip_access_policy_manager | 13.0.0 – 13.1.3 | — |
| f5 | big-ip_access_policy_manager | 14.0.0 – 14.1.2 | — |
| f5 | big-ip_advanced_firewall_manager | 11.5.1 – 11.6.5 | — |
| f5 | big-ip_advanced_firewall_manager | 12.1.0 – 12.1.5 | — |
| f5 | big-ip_advanced_firewall_manager | 13.0.0 – 13.1.3 | — |
| f5 | big-ip_advanced_firewall_manager | 14.0.0 – 14.1.2 | — |
| f5 | big-ip_afm | — | — |
| f5 | big-ip_analytics | — | — |
| f5 | big-ip_analytics | 11.5.1 – 11.6.5 | — |
| f5 | big-ip_analytics | 12.1.0 – 12.1.5 | — |
| f5 | big-ip_analytics | 13.0.0 – 13.1.3 | — |
| f5 | big-ip_analytics | 14.0.0 – 14.1.2 | — |
| f5 | big-ip_apm | — | — |
| f5 | big-ip_application_acceleration_manager | 11.5.1 – 11.6.5 | — |
| f5 | big-ip_application_acceleration_manager | 12.1.0 – 12.1.5 | — |
| f5 | big-ip_application_acceleration_manager | 13.0.0 – 13.1.3 | — |
| f5 | big-ip_application_acceleration_manager | 14.0.0 – 14.1.2 | — |
| f5 | big-ip_application_security_manager | 11.5.1 – 11.6.5 | — |
| f5 | big-ip_application_security_manager | 12.1.0 – 12.1.5 | — |
| f5 | big-ip_application_security_manager | 13.0.0 – 13.1.3 | — |
| f5 | big-ip_application_security_manager | 14.0.0 – 14.1.2 | — |
| f5 | big-ip_asm | — | — |