{"containers": {"cna": {"affected": [{"product": "BIG-IP, Enterprise Manager", "vendor": "F5 Networks", "versions": [{"status": "affected", "version": "BIG-IP 15.0.0"}, {"status": "affected", "version": "14.1.0-14.1.0.6"}, {"status": "affected", "version": "14.0.0-14.0.0.5"}, {"status": "affected", "version": "13.0.0-13.1.1.5"}, {"status": "affected", "version": "12.1.0-12.1.4.1"}, {"status": "affected", "version": "11.6.0-11.6.4"}, {"status": "affected", "version": "11.5.1-11.5.9"}, {"status": "affected", "version": "EM 3.1.1"}]}], "descriptions": [{"lang": "en", "value": "F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings."}], "problemTypes": [{"descriptions": [{"description": "Information Disclosure and Unauthorized Access", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-09-20T19:52:39", "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K05123525"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "f5sirt@f5.com", "ID": "CVE-2019-6649", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "BIG-IP, Enterprise Manager", "version": {"version_data": [{"version_value": "BIG-IP 15.0.0"}, {"version_value": "14.1.0-14.1.0.6"}, {"version_value": "14.0.0-14.0.0.5"}, {"version_value": "13.0.0-13.1.1.5"}, {"version_value": "12.1.0-12.1.4.1"}, {"version_value": "11.6.0-11.6.4"}, {"version_value": "11.5.1-11.5.9"}, {"version_value": "EM 3.1.1"}]}}]}, "vendor_name": "F5 Networks"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information Disclosure and Unauthorized Access"}]}]}, "references": {"reference_data": [{"name": "https://support.f5.com/csp/article/K05123525", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K05123525"}]}}}}, "cveMetadata": {"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "assignerShortName": "f5", "cveId": "CVE-2019-6649", "datePublished": "2019-09-20T19:52:39", "dateReserved": "2019-01-22T00:00:00", "dateUpdated": "2019-09-20T19:52:39", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "29E9362B-E23D-469B-AA78-6324B1CDDB82", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C803A33D-27EA-4D9F-B198-3046AAD5E97C", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A5E9908-C959-48FD-8FAC-C0FE329E6FD8", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "442A56A6-935D-427A-8562-144DD770E317", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "80509490-50DA-42F8-8A4A-A6F6B95649BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FEE11-DF3B-4BE7-9BAE-5F6BE20E469D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "334FDC15-9CCC-4A88-86E5-E8CBC8A18629", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A4E33A8-E3C9-452D-95A2-0C3A959ECBA4", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C23EFF81-0FF4-4B4A-BAC3-85EC62230099", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "24AB3C9F-77E5-4D87-A9C1-366B087E7F68", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E734E1C-A92F-4394-8F33-4429161BE47C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A724B2F3-E3FA-456F-9581-0213358B654C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6FB6D7D8-2688-48A2-8E3E-341881EF0B4C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "355C962E-E284-4AF0-AD70-61C23CA229E6", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E7F909C-0F37-4FFB-96B9-5443B1BD0FC9", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E4EA2A9-C197-40D4-A6AE-A64D69536F99", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A3215E6-7223-4AF1-BFD3-BD8AE9B6B572", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D1FDA72E-991D-4451-9C8E-E738F4D12728", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B4BFA5B4-AFC0-4E4C-A4E7-ED7BFDC3411F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6FF1C75A-F753-40CB-9E26-DA6D31931DDC", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "EDFDB8AF-4315-4B44-AFA8-78D58AFD1DDC", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "160670D4-FBF4-40F0-A531-F47A5D425BAD", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "CAECED76-81A2-4A0C-8C2E-24C235BB32DE", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDC38EF1-6210-40A1-88FC-964C470E41BA", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "622C877B-760A-4C50-9FDF-998C010B864E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D3F5F2BF-708F-40F6-9BD0-4779DE9A1785", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "EACA0835-51AD-4AC0-8C87-5564F3A821CD", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "03102DB5-6581-4B93-84E0-9A3DE06C5397", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "14D67BF0-A2B1-4B5B-AAB7-80B09E2EFC36", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D7877E8-E50F-4DC6-867D-C19A8DB533E3", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "899BE6FE-B23F-4236-8A5E-B41AFF28E533", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "44E8F4B6-ACF1-4F2C-A2A4-DF7382CCE628", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "25DAD24A-2D43-498E-BC43-183B669EA1FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4846F5F-F5D9-405F-8A6D-4D4CA19DA04E", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "7190E93F-6B10-479C-99CD-9253FCED4F41", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "6166E0DB-2BA5-454D-ABBC-9E4916436A44", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "F42F4AF6-4BCC-497E-A889-0BBCA965CB32", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D7BBEC67-BD2E-49D5-8294-977D975D98D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C529A4BA-F1B7-4297-A9CC-2FF0EB2CB5AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AA4AE425-1D86-4DB9-8B8F-74C6678BD528", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "053301F7-9F92-4869-854F-615AD3A156A8", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD13BE5B-8243-4A0D-9862-0435E9C883C8", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "88B12CA1-E853-4898-8A06-F991BE19A27A", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C98DCCF-2D89-4C05-A0AE-60CF8228B860", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB76D898-4C7C-40E9-8539-E2A1BC7A5A66", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D185434C-67FE-4CD6-A139-BA2FCC9F8878", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA4F1CFB-0FD9-4AEB-BF25-093115F9D891", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "43D44A10-E6B2-466C-AFCA-ABA73D5207E3", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "D59A6A14-EE0A-439B-8202-D11BD8DCAC60", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "DE11CCA1-58BF-462E-A0DE-49F3BC1C5499", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "639FCD86-C487-40DD-9840-8931FAF5DF3A", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "86D68F26-EF89-4016-BD3A-637951752AAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1013320D-D0EE-461E-AF90-049F82AC910E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "12F0D363-0DE8-4E32-9187-D7ACA0868BD8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "17D9E4EE-3D52-48BD-B003-D814E14F9C2B", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC23DA6F-9286-45D8-81A1-CA6FB6EC4D77", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A751827-1169-408E-BCE6-A129BDDB489D", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "428C4BEA-AFDA-45EC-9D5F-DDF409461C33", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "ADAD6E9A-F8B5-4B2D-B687-AEAB518B8F19", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1BF46DCE-2603-4E61-87B8-352FF4111567", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C3879431-2E02-4B6C-BB4F-C2FF631A0974", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B3E05E8-B2CF-44D6-B15C-C02A6DA49276", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "3EDDC264-DE67-46A3-8F1A-9B1F965712E6", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "75D817B1-EC06-4180-B272-067299818B09", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E3A4646-9AAA-445E-A08F-226D41485DC2", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "23E592A7-B530-4932-A81D-D1B9ABD64047", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "71666E6B-8615-4D7B-9A7B-2F6D048FE086", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "0224CE5D-B406-4733-912B-8FC1FD19DF54", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "609EB179-115D-4146-AAF1-D8C4E0530D8F", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E72B035F-97C1-41C6-B424-F3929B9D7A99", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E058E775-EAAA-46DF-9F3D-A8D042AAFD88", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7CF10213-FBE4-47A5-8EF2-B45BF15BEB6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BDE4D90-5AE4-4183-997E-188FF17D497E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B872A0D5-9B23-40F2-8AAB-253A4F406D18", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F041B77-BAA4-41C9-A02F-283B5A508ABC", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "D37EF199-1CA5-4201-8F58-856C70B536F7", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "F367EED9-1F71-4720-BE53-3074FF6049C9", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "20BF15AA-1183-489E-A24A-FFB5BFD84664", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A5A85C15-B821-4992-9B06-45767E7467D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "DE8EBE1A-2E66-4E40-8A11-8B6D21914E5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "45D0AF1B-9106-4C38-B1A2-87FC189ADBAB", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADCC726B-F8E9-4F9C-B9FD-5C6F3CBD6C59", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "263BD719-575D-4CC0-A61A-D6A81C8B8104", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "66FCB095-3E70-472A-AB9D-60F001F3A539", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA39C4F5-4D97-4B0B-8DA9-780F7ACF0A74", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "292EC144-CBA2-4275-9F70-4ED65A505B39", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "22FF4312-2711-4526-B604-796E637139E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B8C7C45A-CC14-4092-903C-3001986D2859", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings."}, {"lang": "es", "value": "F5 BIG-IP versiones 15.0.0, 14.1.0 hasta 14.1.0.6, 14.0.0 hasta 14.0.0.5, 13.0.0 hasta 13.1.1.5, 12.1.0 hasta 12.1.4.1, 11.6.0 hasta 11.6.4 y 11.5.1 hasta 11.5.9 y Enterprise Manager versi\u00f3n 3.1.1, pueden exponer informaci\u00f3n confidencial y permitir que la configuraci\u00f3n del sistema sea modificada cuando se usen configuraciones ConfigSync no predeterminadas."}], "id": "CVE-2019-6649", "lastModified": "2020-08-24T17:37:01.140", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-09-20T20:15:11.383", "references": [{"source": "f5sirt@f5.com", "tags": ["Vendor Advisory"], "url": "https://support.f5.com/csp/article/K05123525"}], "sourceIdentifier": "f5sirt@f5.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}