CVE-2019-6665
N/A
N/A
Summary
On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, an attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise Manager/F5 iWorkflow will be able to set up the proxy the same way and intercept the traffic.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| F5 | BIG-IP ASM | 15.0.0-15.0.1 | affected |
| F5 | BIG-IP ASM | 14.1.0-14.1.2 | affected |
| F5 | BIG-IP ASM | 14.0.0-14.0.1 | affected |
| F5 | BIG-IP ASM | 13.1.0-13.1.3.1 | affected |
| F5 | BIG-IQ | 6.0.0 | affected |
| F5 | BIG-IQ | 5.2.0-5.4.0 | affected |
| F5 | IWorkflow | 2.3.0 | affected |
| F5 | Enterprise Manager | 3.1.1 | affected |
Weaknesses
- Data injection
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.