Vulnerabilities > CVE-2019-6608 - Memory Leak vulnerability in F5 products

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
high complexity
f5
CWE-401
nessus
NVD
Published: 2019-03-28
Updated: 2020-08-24

Summary

On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests.

Vulnerable Configurations

Part Description Count
Application
F5
659
Hardware
F5
6

Common Weakness Enumeration (CWE)

Nessus

NASL familyF5 Networks Local Security Checks
NASL idF5_BIGIP_SOL12139752.NASL
descriptionUnder certain conditions, the snmpd process may leak memory on a multi-blade BIG-IP Virtual Clustered Multiprocessing (vCMP) guest when processing authorized SNMP requests. (CVE-2019-6608) Impact Over time, the snmpd process consumes excessive memory, forcing the BIG-IP system to slow down and eventually fail over.
last seen2020-06-01
modified2020-06-02
plugin id123028
published2019-03-25
reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/123028
titleF5 Networks BIG-IP : BIG-IP SNMPD vulnerability (K12139752)

References