vulnerability

F5 Networks: CVE-2019-6634: K64855220: F5 TMUI and iControl Rest vulnerability CVE-2019-6634

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:N/A:P)	Jul 1, 2019	Jul 2, 2019	Aug 23, 2024

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:N/A:P)

Published

Jul 1, 2019

Added

Jul 2, 2019

Modified

Aug 23, 2024

Description

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, a high volume of malformed analytics report requests leads to instability in restjavad process. This causes issues with both iControl REST and some portions of TMUI. The attack requires an authenticated user with any role.

Solution

f5-big-ip-upgrade-latest

References

BID-109104
CVE-2019-6634
https://attackerkb.com/topics/CVE-2019-6634
URL-https://my.f5.com/manage/s/article/K64855220

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today