Information Exposure Vulnerability in F5 BIG-IP ASM
CVE-2019-6650

9.1CRITICAL

Key Information:

Vendor: F5 Networks
Status: Big-ip Asm
Vendor: CVE Published:; 20 September 2019

🔔 Create F5 Networks Vulnerability Alert

What is CVE-2019-6650?

Certain versions of F5 BIG-IP Application Security Manager (ASM) are susceptible to a vulnerability that may result in the exposure of sensitive information. This can occur due to non-default configurations, which may allow unauthorized modification of system settings. Users are advised to review their configurations and apply necessary security measures to mitigate the risks associated with this vulnerability, ensuring that sensitive data remains protected.

Affected Version(s)

BIG-IP ASM 15.0.0

BIG-IP ASM 14.1.0-14.1.0.6

BIG-IP ASM 14.0.0-14.0.0.5

References

https://support.f5.com/csp/article/K04280042

x_refsource_CONFIRM

https://support.f5.com/csp/article/K04280042?utm_source=f...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 20, 2019
Vulnerability Reserved
Jan 22, 2019