Data Leak Vulnerability in F5 BIG-IP Platforms
CVE-2019-6655

5.3MEDIUM

Key Information:

Vendor: F5
Status: Big-ip Avr, Asm, Apm, Pem, Afm, And/or Aam
Vendor: CVE Published:; 25 September 2019

What is CVE-2019-6655?

F5 BIG-IP platforms with AVRs, ASMs, APMs, PEMs, AFMs, or AAMs provisioned are susceptible to a data leak issue. This vulnerability affects several versions, potentially exposing sensitive data to unauthorized access. Organizations using affected versions need to apply the necessary updates to mitigate potential risks associated with user data exposure.

Affected Version(s)

BIG-IP AVR, ASM, APM, PEM, AFM, and/or AAM 13.0.0-13.1.0.1, 12.1.0-12.1.4.1, 11.6.1-11.6.4, 11.5.1-11.5.9

References

https://support.f5.com/csp/article/K31152411

x_refsource_MISC

https://support.f5.com/csp/article/K31152411?utm_source=f...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 25, 2019
Vulnerability Reserved
Jan 22, 2019