CVE-2019-6686 — F5 Big-ip Local Traffic Manager vulnerability

4 documents4 sources

Severity

5.3MEDIUMNVD

EPSS

0.9%

top 24.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F5 Big-ip Local Traffic Manager F5 Big-ip

Timeline

PublishedDec 23

Latest updateMay 24

Description

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, the Traffic Management Microkernel (TMM) might stop responding after the total number of diameter connections and pending messages on a single virtual server has reached 32K.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶NVDf5/big-ip_local_traffic_manager13.1.0 — 13.1.3.2+3

▶CVEListV5f5/big-ip4 versions+3

🔴Vulnerability Details

GHSA

GHSA-26hq-r45f-3pr8: On BIG-IP versions 15↗2022-05-24

▶

CVEList

CVE-2019-6686: On BIG-IP versions 15↗2019-12-23

▶

📋Vendor Advisories

CVE-2019-6686: On BIG-IP versions 15↗2019-12-23

▶