Vulnerabilities > CVE-2019-6673 - Unspecified vulnerability in F5 products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

nessus

NVD

Published: 2019-11-27

Updated: 2020-08-24

Summary

On versions 15.0.0-15.0.1 and 14.0.0-14.1.2, when the BIG-IP is configured in HTTP/2 Full Proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel (TMM).

Vulnerable Configurations

Part	Description	Count
Application	F5 F5 BIG IP Local Traffic Manager 14.0.0 F5 BIG IP Local Traffic Manager 14.0.0.2 F5 BIG IP Local Traffic Manager 14.0.0.3 F5 BIG IP Local Traffic Manager 14.0.0.4 F5 BIG IP Local Traffic Manager 14.0.0.5 F5 BIG IP Local Traffic Manager 14.0.1 F5 BIG IP Local Traffic Manager 14.0.1.1 F5 BIG IP Local Traffic Manager 14.1.0 F5 BIG IP Local Traffic Manager 14.1.0.1 F5 BIG IP Local Traffic Manager 14.1.0.2 F5 BIG IP Local Traffic Manager 14.1.0.2.0.45.4 F5 BIG IP Local Traffic Manager 14.1.0.2.0.62.4 F5 BIG IP Local Traffic Manager 14.1.0.3 F5 BIG IP Local Traffic Manager 14.1.0.3.0.79.6 F5 BIG IP Local Traffic Manager 14.1.0.3.0.97.6 F5 BIG IP Local Traffic Manager 14.1.0.3.0.99.6 F5 BIG IP Local Traffic Manager 14.1.0.5 F5 BIG IP Local Traffic Manager 14.1.0.5.0.15.5 F5 BIG IP Local Traffic Manager 14.1.0.5.0.36.5 F5 BIG IP Local Traffic Manager 14.1.0.5.0.40.5 F5 BIG IP Local Traffic Manager 14.1.0.6 F5 BIG IP Local Traffic Manager 14.1.0.6.0.11.9 F5 BIG IP Local Traffic Manager 14.1.0.6.0.14.9 F5 BIG IP Local Traffic Manager 14.1.0.6.0.68.9 F5 BIG IP Local Traffic Manager 14.1.0.6.0.70.9 F5 BIG IP Local Traffic Manager 14.1.2 F5 BIG IP Local Traffic Manager 15.0.0 F5 BIG IP Local Traffic Manager 15.0.1 F5 BIG IP Advanced Firewall Manager 14.0.0 F5 BIG IP Advanced Firewall Manager 14.0.0.1 F5 BIG IP Advanced Firewall Manager 14.0.0.2 F5 BIG IP Advanced Firewall Manager 14.0.0.3 F5 BIG IP Advanced Firewall Manager 14.0.0.4 F5 BIG IP Advanced Firewall Manager 14.0.0.5 F5 BIG IP Advanced Firewall Manager 14.0.1 F5 BIG IP Advanced Firewall Manager 14.0.1.1 F5 BIG IP Advanced Firewall Manager 14.1.0 F5 BIG IP Advanced Firewall Manager 14.1.0.1 F5 BIG IP Advanced Firewall Manager 14.1.0.2 F5 BIG IP Advanced Firewall Manager 14.1.0.2.0.45.4 F5 BIG IP Advanced Firewall Manager 14.1.0.2.0.62.4 F5 BIG IP Advanced Firewall Manager 14.1.0.3 F5 BIG IP Advanced Firewall Manager 14.1.0.3.0.79.6 F5 BIG IP Advanced Firewall Manager 14.1.0.3.0.97.6 F5 BIG IP Advanced Firewall Manager 14.1.0.3.0.99.6 F5 BIG IP Advanced Firewall Manager 14.1.0.5 F5 BIG IP Advanced Firewall Manager 14.1.0.5.0.15.5 F5 BIG IP Advanced Firewall Manager 14.1.0.5.0.36.5 F5 BIG IP Advanced Firewall Manager 14.1.0.5.0.40.5 F5 BIG IP Advanced Firewall Manager 14.1.0.6 F5 BIG IP Advanced Firewall Manager 14.1.0.6.0.11.9 F5 BIG IP Advanced Firewall Manager 14.1.0.6.0.14.9 F5 BIG IP Advanced Firewall Manager 14.1.0.6.0.68.9 F5 BIG IP Advanced Firewall Manager 14.1.0.6.0.70.9 F5 BIG IP Advanced Firewall Manager 14.1.2 F5 BIG IP Advanced Firewall Manager 15.0.0 F5 BIG IP Advanced Firewall Manager 15.0.1 F5 BIG IP Application Acceleration Manager 14.0.0 F5 BIG IP Application Acceleration Manager 14.0.0.1 F5 BIG IP Application Acceleration Manager 14.0.0.2 F5 BIG IP Application Acceleration Manager 14.0.0.3 F5 BIG IP Application Acceleration Manager 14.0.0.4 F5 BIG IP Application Acceleration Manager 14.0.0.5 F5 BIG IP Application Acceleration Manager 14.0.1 F5 BIG IP Application Acceleration Manager 14.0.1.1 F5 BIG IP Application Acceleration Manager 14.1.0 F5 BIG IP Application Acceleration Manager 14.1.0.1 F5 BIG IP Application Acceleration Manager 14.1.0.2 F5 BIG IP Application Acceleration Manager 14.1.0.2.0.45.4 F5 BIG IP Application Acceleration Manager 14.1.0.2.0.62.4 F5 BIG IP Application Acceleration Manager 14.1.0.3 F5 BIG IP Application Acceleration Manager 14.1.0.3.0.79.6 F5 BIG IP Application Acceleration Manager 14.1.0.3.0.97.6 F5 BIG IP Application Acceleration Manager 14.1.0.3.0.99.6 F5 BIG IP Application Acceleration Manager 14.1.0.5 F5 BIG IP Application Acceleration Manager 14.1.0.5.0.15.5 F5 BIG IP Application Acceleration Manager 14.1.0.5.0.36.5 F5 BIG IP Application Acceleration Manager 14.1.0.5.0.40.5 F5 BIG IP Application Acceleration Manager 14.1.0.6 F5 BIG IP Application Acceleration Manager 14.1.0.6.0.11.9 F5 BIG IP Application Acceleration Manager 14.1.0.6.0.14.9 F5 BIG IP Application Acceleration Manager 14.1.0.6.0.68.9 F5 BIG IP Application Acceleration Manager 14.1.0.6.0.70.9 F5 BIG IP Application Acceleration Manager 14.1.2 F5 BIG IP Application Acceleration Manager 15.0.0 F5 BIG IP Application Acceleration Manager 15.0.1 F5 BIG IP Access Policy Manager 14.0.0 F5 BIG IP Access Policy Manager 14.0.0.2 F5 BIG IP Access Policy Manager 14.0.0.3 F5 BIG IP Access Policy Manager 14.0.0.4 F5 BIG IP Access Policy Manager 14.0.0.5 F5 BIG IP Access Policy Manager 14.0.1 F5 BIG IP Access Policy Manager 14.0.1.1 F5 BIG IP Access Policy Manager 14.1.0 F5 BIG IP Access Policy Manager 14.1.0.1 F5 BIG IP Access Policy Manager 14.1.0.2 F5 BIG IP Access Policy Manager 14.1.0.2.0.45.4 F5 BIG IP Access Policy Manager 14.1.0.2.0.62.4 F5 BIG IP Access Policy Manager 14.1.0.3 F5 BIG IP Access Policy Manager 14.1.0.3.0.79.6 F5 BIG IP Access Policy Manager 14.1.0.3.0.97.6 F5 BIG IP Access Policy Manager 14.1.0.3.0.99.6 F5 BIG IP Access Policy Manager 14.1.0.5 F5 BIG IP Access Policy Manager 14.1.0.5.0.15.5 F5 BIG IP Access Policy Manager 14.1.0.5.0.36.5 F5 BIG IP Access Policy Manager 14.1.0.5.0.40.5 F5 BIG IP Access Policy Manager 14.1.0.6 F5 BIG IP Access Policy Manager 14.1.0.6.0.11.9 F5 BIG IP Access Policy Manager 14.1.0.6.0.14.9 F5 BIG IP Access Policy Manager 14.1.0.6.0.68.9 F5 BIG IP Access Policy Manager 14.1.0.6.0.70.9 F5 BIG IP Access Policy Manager 14.1.2 F5 BIG IP Access Policy Manager 15.0.0 F5 BIG IP Access Policy Manager 15.0.1 F5 BIG IP Application Security Manager 14.0.0 F5 BIG IP Application Security Manager 14.0.0.1 F5 BIG IP Application Security Manager 14.0.0.2 F5 BIG IP Application Security Manager 14.0.0.3 F5 BIG IP Application Security Manager 14.0.0.4 F5 BIG IP Application Security Manager 14.0.0.5 F5 BIG IP Application Security Manager 14.0.1 F5 BIG IP Application Security Manager 14.0.1.1 F5 BIG IP Application Security Manager 14.1.0 F5 BIG IP Application Security Manager 14.1.0.1 F5 BIG IP Application Security Manager 14.1.0.2 F5 BIG IP Application Security Manager 14.1.0.2.0.45.4 F5 BIG IP Application Security Manager 14.1.0.2.0.62.4 F5 BIG IP Application Security Manager 14.1.0.3 F5 BIG IP Application Security Manager 14.1.0.3.0.79.6 F5 BIG IP Application Security Manager 14.1.0.3.0.97.6 F5 BIG IP Application Security Manager 14.1.0.3.0.99.6 F5 BIG IP Application Security Manager 14.1.0.5 F5 BIG IP Application Security Manager 14.1.0.5.0.15.5 F5 BIG IP Application Security Manager 14.1.0.5.0.36.5 F5 BIG IP Application Security Manager 14.1.0.5.0.40.5 F5 BIG IP Application Security Manager 14.1.0.6 F5 BIG IP Application Security Manager 14.1.0.6.0.11.9 F5 BIG IP Application Security Manager 14.1.0.6.0.14.9 F5 BIG IP Application Security Manager 14.1.0.6.0.68.9 F5 BIG IP Application Security Manager 14.1.0.6.0.70.9 F5 BIG IP Application Security Manager 14.1.2 F5 BIG IP Application Security Manager 15.0.0 F5 BIG IP Application Security Manager 15.0.1 F5 BIG IP Fraud Protection Service 14.0.0 F5 BIG IP Fraud Protection Service 14.0.0.1 F5 BIG IP Fraud Protection Service 14.0.0.2 F5 BIG IP Fraud Protection Service 14.0.0.3 F5 BIG IP Fraud Protection Service 14.0.0.4 F5 BIG IP Fraud Protection Service 14.0.0.5 F5 BIG IP Fraud Protection Service 14.0.1 F5 BIG IP Fraud Protection Service 14.0.1.1 F5 BIG IP Fraud Protection Service 14.1.0 F5 BIG IP Fraud Protection Service 14.1.0.1 F5 BIG IP Fraud Protection Service 14.1.0.2 F5 BIG IP Fraud Protection Service 14.1.0.2.0.45.4 F5 BIG IP Fraud Protection Service 14.1.0.2.0.62.4 F5 BIG IP Fraud Protection Service 14.1.0.3 F5 BIG IP Fraud Protection Service 14.1.0.3.0.79.6 F5 BIG IP Fraud Protection Service 14.1.0.3.0.97.6 F5 BIG IP Fraud Protection Service 14.1.0.3.0.99.6 F5 BIG IP Fraud Protection Service 14.1.0.5.0.15.5 F5 BIG IP Fraud Protection Service 14.1.0.5.0.36.5 F5 BIG IP Fraud Protection Service 14.1.0.5.0.40.5 F5 BIG IP Fraud Protection Service 14.1.0.6 F5 BIG IP Fraud Protection Service 14.1.0.6.0.11.9 F5 BIG IP Fraud Protection Service 14.1.0.6.0.14.9 F5 BIG IP Fraud Protection Service 14.1.0.6.0.68.9 F5 BIG IP Fraud Protection Service 14.1.0.6.0.70.9 F5 BIG IP Fraud Protection Service 14.1.2 F5 BIG IP Fraud Protection Service 15.0.0 F5 BIG IP Fraud Protection Service 15.0.1 F5 BIG IP Link Controller 14.0.0 F5 BIG IP Link Controller 14.0.0.1 F5 BIG IP Link Controller 14.0.0.2 F5 BIG IP Link Controller 14.0.0.3 F5 BIG IP Link Controller 14.0.0.4 F5 BIG IP Link Controller 14.0.0.5 F5 BIG IP Link Controller 14.0.1 F5 BIG IP Link Controller 14.0.1.1 F5 BIG IP Link Controller 14.1.0 F5 BIG IP Link Controller 14.1.0.1 F5 BIG IP Link Controller 14.1.0.2 F5 BIG IP Link Controller 14.1.0.2.0.45.4 F5 BIG IP Link Controller 14.1.0.2.0.62.4 F5 BIG IP Link Controller 14.1.0.3 F5 BIG IP Link Controller 14.1.0.3.0.79.6 F5 BIG IP Link Controller 14.1.0.3.0.97.6 F5 BIG IP Link Controller 14.1.0.3.0.99.6 F5 BIG IP Link Controller 14.1.0.5 F5 BIG IP Link Controller 14.1.0.5.0.15.5 F5 BIG IP Link Controller 14.1.0.5.0.36.5 F5 BIG IP Link Controller 14.1.0.5.0.40.5 F5 BIG IP Link Controller 14.1.0.6 F5 BIG IP Link Controller 14.1.0.6.0.11.9 F5 BIG IP Link Controller 14.1.0.6.0.14.9 F5 BIG IP Link Controller 14.1.0.6.0.68.9 F5 BIG IP Link Controller 14.1.0.6.0.70.9 F5 BIG IP Link Controller 14.1.2 F5 BIG IP Link Controller 15.0.0 F5 BIG IP Link Controller 15.0.1 F5 BIG IP Policy Enforcement Manager 14.0.0 F5 BIG IP Policy Enforcement Manager 14.0.0.1 F5 BIG IP Policy Enforcement Manager 14.0.0.2 F5 BIG IP Policy Enforcement Manager 14.0.0.3 F5 BIG IP Policy Enforcement Manager 14.0.0.4 F5 BIG IP Policy Enforcement Manager 14.0.0.5 F5 BIG IP Policy Enforcement Manager 14.0.1 F5 BIG IP Policy Enforcement Manager 14.0.1.1 F5 BIG IP Policy Enforcement Manager 14.1.0 F5 BIG IP Policy Enforcement Manager 14.1.0.1 F5 BIG IP Policy Enforcement Manager 14.1.0.2 F5 BIG IP Policy Enforcement Manager 14.1.0.2.0.45.4 F5 BIG IP Policy Enforcement Manager 14.1.0.2.0.62.4 F5 BIG IP Policy Enforcement Manager 14.1.0.3 F5 BIG IP Policy Enforcement Manager 14.1.0.3.0.79.6 F5 BIG IP Policy Enforcement Manager 14.1.0.3.0.97.6 F5 BIG IP Policy Enforcement Manager 14.1.0.3.0.99.6 F5 BIG IP Policy Enforcement Manager 14.1.0.5 F5 BIG IP Policy Enforcement Manager 14.1.0.5.0.15.5 F5 BIG IP Policy Enforcement Manager 14.1.0.5.0.36.5 F5 BIG IP Policy Enforcement Manager 14.1.0.5.0.40.5 F5 BIG IP Policy Enforcement Manager 14.1.0.6 F5 BIG IP Policy Enforcement Manager 14.1.0.6.0.11.9 F5 BIG IP Policy Enforcement Manager 14.1.0.6.0.14.9 F5 BIG IP Policy Enforcement Manager 14.1.0.6.0.68.9 F5 BIG IP Policy Enforcement Manager 14.1.0.6.0.70.9 F5 BIG IP Policy Enforcement Manager 14.1.2 F5 BIG IP Policy Enforcement Manager 15.0.0 F5 BIG IP Policy Enforcement Manager 15.0.1	229

Nessus

NASL family	F5 Networks Local Security Checks
NASL id	F5_BIGIP_SOL81557381.NASL
description	When the BIG-IP system is configured in HTTP/2 full proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel (TMM). (CVE-2019-6673) Impact An attacker may be able to use a specifically crafted request to cause a disruption of service. The data plane is impacted and exposed only when a virtual server is configured with an associated HTTP profile, HTTP/2 client and server profile, and the HTTP MRF Router option is enabled (HTTP/2 full proxy mode).
last seen	2020-06-01
modified	2020-06-02
plugin id	132576
published	2019-12-31
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/132576
title	F5 Networks BIG-IP : BIG-IP HTTP/2 vulnerability (K81557381)

References

https://support.f5.com/csp/article/K81557381