Vulnerabilities > CVE-2019-6628 - Unspecified vulnerability in F5 Big-Ip Policy Enforcement Manager

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

NVD

Published: 2019-07-03

Updated: 2020-08-24

Summary

On BIG-IP PEM 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, under certain conditions, the TMM process may terminate and restart while processing BIG-IP PEM traffic with the OpenVPN classifier.

Vulnerable Configurations

Part	Description	Count
Application	F5 F5 BIG IP Policy Enforcement Manager 14.0.0 F5 BIG IP Policy Enforcement Manager 14.0.0.1 F5 BIG IP Policy Enforcement Manager 14.0.0.2 F5 BIG IP Policy Enforcement Manager 14.0.0.3 F5 BIG IP Policy Enforcement Manager 14.0.0.4 F5 BIG IP Policy Enforcement Manager 14.1.0 F5 BIG IP Policy Enforcement Manager 14.1.0.1 F5 BIG IP Policy Enforcement Manager 14.1.0.2 F5 BIG IP Policy Enforcement Manager 14.1.0.2.0.45.4 F5 BIG IP Policy Enforcement Manager 14.1.0.2.0.62.4 F5 BIG IP Policy Enforcement Manager 14.1.0.3 F5 BIG IP Policy Enforcement Manager 14.1.0.3.0.79.6 F5 BIG IP Policy Enforcement Manager 14.1.0.3.0.97.6 F5 BIG IP Policy Enforcement Manager 14.1.0.3.0.99.6 F5 BIG IP Policy Enforcement Manager 14.1.0.5	15

References

https://support.f5.com/csp/article/K04730051