{"containers": {"cna": {"affected": [{"product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", "vendor": "BIG-IP", "versions": [{"status": "affected", "version": "11.5.1-11.6.3.4"}, {"status": "affected", "version": "12.1.0-12.1.3.7"}, {"status": "affected", "version": "13.0.0-13.1.1.3"}, {"status": "affected", "version": "14.0.0-14.0.0.2"}]}], "datePublic": "2019-03-21T00:00:00", "descriptions": [{"lang": "en", "value": "On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory."}], "problemTypes": [{"descriptions": [{"description": "DoS", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-04-01T07:06:06", "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.f5.com/csp/article/K35209601"}, {"name": "107636", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/107636"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "f5sirt@f5.com", "ID": "CVE-2019-6606", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", "version": {"version_data": [{"version_value": "11.5.1-11.6.3.4"}, {"version_value": "12.1.0-12.1.3.7"}, {"version_value": "13.0.0-13.1.1.3"}, {"version_value": "14.0.0-14.0.0.2"}]}}]}, "vendor_name": "BIG-IP"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "DoS"}]}]}, "references": {"reference_data": [{"name": "https://support.f5.com/csp/article/K35209601", "refsource": "MISC", "url": "https://support.f5.com/csp/article/K35209601"}, {"name": "107636", "refsource": "BID", "url": "http://www.securityfocus.com/bid/107636"}]}}}}, "cveMetadata": {"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "assignerShortName": "f5", "cveId": "CVE-2019-6606", "datePublished": "2019-03-28T20:34:26", "dateReserved": "2019-01-22T00:00:00", "dateUpdated": "2019-04-01T07:06:06", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADF272B0-259D-4913-95AE-8621A3766FB0", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "64B57535-53C6-44FC-815D-531F3FB4797E", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A33F717-7779-4998-B7D0-FEAD57F918EC", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "8703B033-3A20-47A0-82DA-3ABC7578DFBB", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "EBC6246F-635B-45F4-ACF1-CBEF25FEB2DF", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "89F0F227-3865-442E-8FC5-282DEA1FC528", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A38AE898-8C76-4CF6-A79B-973D2CF756DE", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDDA13E3-2F05-447F-9F03-63A1BFEC904B", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "26A1FB10-2614-4A8B-B31C-69E90EBB6EBB", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "D93B9D87-0EB8-4011-A106-4F835639EE70", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "056366BD-1F72-4DAF-8C0A-7B5C15054C8D", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "87AF9718-1B10-475C-B596-64A553C8502C", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "8AF42EB5-FEB7-455B-A426-9084493A7606", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "579E04C5-EDD5-457A-ADEE-9E3B7E2F17A4", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7F21417-F817-462C-8CD8-E64623D45B9B", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2CE084F-4A02-4BFE-AE40-2AC12EC1616B", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "ECA81A2E-33BE-45A5-8148-1DF189FC9879", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D09A0C39-32DF-4607-8712-8937CC6AF60A", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4987B39-619F-4599-8740-98358B6DDDF9", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "63DBD5C1-EF87-43F5-A319-304D6C1849D2", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "29E6014A-CA29-408A-A7B2-13FBFD0694A8", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E2985B9-6EC3-4611-98EB-CAD506CA8A99", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB5D0E6B-7DB1-48F3-A1AE-2AC7B5EF778B", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "9E08A936-5CB0-44D3-89B8-F768CD8AD264", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E80D9241-E826-4E4B-B4CD-D81B149AFAE1", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF9BF9FD-3FFE-4185-A089-89100C0A446C", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "95A324A2-741F-497E-AA95-6A737FE9633E", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D6D7537-A296-435B-AAC4-B12D5BCA8124", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "918D80CC-E31A-42B5-A1A8-55189FE841FE", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "326EB203-8816-4091-96EF-70F4DBFBDD6D", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE90FC3A-C0B4-4CFA-80A3-929871381613", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "B88D9922-D4A3-4002-BCA6-B1BC926A8672", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "328B0CE8-4609-4D5F-981F-FB6C24E43730", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "C81CBDB8-86A5-4A48-A7E1-F9B5239B6EAC", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "B85D8D4F-8C69-4409-8561-F1621855B7FB", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "007DDA3E-BAE5-4EC7-BECA-AB87CFEA1E87", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1A16FC6-73F3-4D95-99A2-CAD5C3F7BD71", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "13FD61C2-B588-415F-9E0D-C47D74D919A0", "versionEndIncluding": "11.6.3.4", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "768D6729-24D0-47C5-A905-9AF1E5ACBE85", "versionEndIncluding": "12.1.3.7", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "52ABEB1F-5C4E-4CEE-8852-4D664BC320E6", "versionEndIncluding": "13.1.1.3", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4D3A77A-89E0-44DF-AA5B-EDEBCBB63060", "versionEndIncluding": "14.0.0.2", "versionStartIncluding": "14.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory."}, {"lang": "es", "value": "EN BIG-IP, en versiones 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3 y 14.0.0-14.0.0.2, al procesar determinadas peticiones SNMP con un \"request-id\" de 0, el proceso snmpd puede divulgar una peque\u00f1a cantidad de memoria."}], "id": "CVE-2019-6606", "lastModified": "2020-08-24T17:37:01.140", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-03-28T21:29:00.743", "references": [{"source": "f5sirt@f5.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/107636"}, {"source": "f5sirt@f5.com", "tags": ["Vendor Advisory"], "url": "https://support.f5.com/csp/article/K35209601"}], "sourceIdentifier": "f5sirt@f5.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}