CVE-2019-6685

Summary

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution.

Affected Software

VendorProductVersion RangeStatus
F5BIG-IP15.0.0-15.0.1.1affected
F5BIG-IP14.1.0-14.1.2.2affected
F5BIG-IP14.0.0-14.0.1affected
F5BIG-IP13.1.0-13.1.3.1affected
F5BIG-IP12.1.0-12.1.5affected
F5BIG-IP11.5.2-11.6.5.1affected

Weaknesses

  • Privilege escalation

ADP Enrichment

CVE Program Container

Additional References

References