Details of VAR-201907-0134

ID

VAR-201907-0134

CVE

CVE-2019-6629

TITLE

BIG-IP Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-006062

DESCRIPTION

On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, there is no impact to the control plane. BIG-IP Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. A security vulnerability exists in F5 BIG-IP versions 14.1.0.1 to 14.1.0.5, which could be exploited by attackers to disrupt traffic processing

Trust: 1.8

sources: NVD: CVE-2019-6629 // JVNDB: JVNDB-2019-006062 // VULHUB: VHN-158064 // VULMON: CVE-2019-6629

AFFECTED PRODUCTS

vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip websafe	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip websafe	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	14.1.0.5	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	gte	version:	14.1.0.1	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip advanced firewall manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip analytics	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip application acceleration manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip application security manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip domain name system	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip edge gateway	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip global traffic manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip link controller	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip local traffic manager	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2019-006062 // NVD: CVE-2019-6629

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-6629
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-6629
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201907-056
value:	HIGH
Trust: 0.6
VULHUB:	VHN-158064
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2019-6629
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-6629
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	CVE-2019-6629
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-158064
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-6629
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2019-6629
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-158064 // VULMON: CVE-2019-6629 // JVNDB: JVNDB-2019-006062 // CNNVD: CNNVD-201907-056 // NVD: CVE-2019-6629

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-20	Trust: 0.9

sources: VULHUB: VHN-158064 // JVNDB: JVNDB-2019-006062 // NVD: CVE-2019-6629

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201907-056

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201907-056

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-006062

PATCH

title:	K95434410	url:	https://support.f5.com/csp/article/K95434410	Trust: 0.8
title:	F5 BIG-IP Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=94292	Trust: 0.6
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2019-6629	Trust: 0.1

sources: VULMON: CVE-2019-6629 // JVNDB: JVNDB-2019-006062 // CNNVD: CNNVD-201907-056

EXTERNAL IDS

db:	NVD	id:	CVE-2019-6629	Trust: 2.6
db:	JVNDB	id:	JVNDB-2019-006062	Trust: 0.8
db:	CNNVD	id:	CNNVD-201907-056	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.2407	Trust: 0.6
db:	VULHUB	id:	VHN-158064	Trust: 0.1
db:	VULMON	id:	CVE-2019-6629	Trust: 0.1

sources: VULHUB: VHN-158064 // VULMON: CVE-2019-6629 // JVNDB: JVNDB-2019-006062 // CNNVD: CNNVD-201907-056 // NVD: CVE-2019-6629

REFERENCES

url:	https://support.f5.com/csp/article/k95434410	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-6629	Trust: 1.4
url:	https://support.f5.com/csp/article/k95434410?utm_source=f5support&amp%3butm_medium=rss	Trust: 1.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6629	Trust: 0.8
url:	https://support.f5.com/csp/article/k95434410?utm_source=f5support&utm_medium=rss	Trust: 0.7
url:	https://support.f5.com/csp/article/k04730051	Trust: 0.6
url:	https://support.f5.com/csp/article/k07127032	Trust: 0.6
url:	https://support.f5.com/csp/article/k72335002	Trust: 0.6
url:	https://vigilance.fr/vulnerability/f5-big-ip-multiple-vulnerabilities-29665	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.2407/	Trust: 0.6
url:	https://support.f5.com/csp/article/k95434410?utm_source=f5support&amp;utm_medium=rss	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://github.com/live-hack-cve/cve-2019-6629	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-158064 // VULMON: CVE-2019-6629 // JVNDB: JVNDB-2019-006062 // CNNVD: CNNVD-201907-056 // NVD: CVE-2019-6629

SOURCES

db:	VULHUB	id:	VHN-158064
db:	VULMON	id:	CVE-2019-6629
db:	JVNDB	id:	JVNDB-2019-006062
db:	CNNVD	id:	CNNVD-201907-056
db:	NVD	id:	CVE-2019-6629

LAST UPDATE DATE

2024-11-23T21:37:08.028000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-158064	date:	2023-02-16T00:00:00
db:	VULMON	id:	CVE-2019-6629	date:	2023-02-16T00:00:00
db:	JVNDB	id:	JVNDB-2019-006062	date:	2019-07-09T00:00:00
db:	CNNVD	id:	CNNVD-201907-056	date:	2023-02-17T00:00:00
db:	NVD	id:	CVE-2019-6629	date:	2024-11-21T04:46:50.453

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-158064	date:	2019-07-03T00:00:00
db:	VULMON	id:	CVE-2019-6629	date:	2019-07-03T00:00:00
db:	JVNDB	id:	JVNDB-2019-006062	date:	2019-07-09T00:00:00
db:	CNNVD	id:	CNNVD-201907-056	date:	2019-07-02T00:00:00
db:	NVD	id:	CVE-2019-6629	date:	2019-07-03T18:15:10.850