CVE-2019-6634

Summary

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, a high volume of malformed analytics report requests leads to instability in restjavad process. This causes issues with both iControl REST and some portions of TMUI. The attack requires an authenticated user with any role.

Affected Software

VendorProductVersion RangeStatus
F5BIG-IPBIG-IP 14.1.0-14.1.0.5affected
F5BIG-IP14.0.0-14.0.0.4affected
F5BIG-IP13.0.0-13.1.1.4affected
F5BIG-IP12.1.0-12.1.4affected

Weaknesses

  • DoS

ADP Enrichment

CVE Program Container

Additional References

References