CVE-2019-6592 - OpenCVE

On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
F5	Big-ip Edge Gateway Big-ip Policy Enforcement Manager Big-ip Analytics Big-ip Access Policy Manager Big-ip Link Controller Big-ip Webaccelerator Big-ip Fraud Protection Service Big-ip Domain Name System Big-ip Global Traffic Manager Big-ip Advanced Firewall Manager Big-ip Local Traffic Manager Big-ip Application Security Manager

Configuration 1 [-]

cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*

Configuration 5 [-]

cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*

Configuration 6 [-]

cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*

Configuration 7 [-]

cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*

Configuration 8 [-]

cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*

Configuration 9 [-]

cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*

Configuration 10 [-]

cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*

Configuration 11 [-]

cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*

Configuration 12 [-]

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*

Configuration 13 [-]

cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/bid/107176	Third Party Advisory VDB Entry
https://support.f5.com/csp/article/K54167061	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: f5

Published: 2019-02-26T00:00:00

Updated: 2019-02-28T10:57:01

Reserved: 2019-01-22T00:00:00

Link: CVE-2019-6592

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-02-26T15:29:00.247

Modified: 2019-02-28T15:32:40.750

Link: CVE-2019-6592

JSON object: View

Redhat Information

No data.

CWE

CWE-295