Vulnerabilities > CVE-2019-6680 - Unspecified vulnerability in F5 products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5, while processing traffic through a standard virtual server that targets a FastL4 virtual server (VIP on VIP), hardware appliances may stop responding.
Vulnerable Configurations
Nessus
NASL family | F5 Networks Local Security Checks |
NASL id | F5_BIGIP_SOL53183580.NASL |
description | While processing traffic through a standard virtual server that targets a FastL4 virtual server (VIP on VIP), hardware appliances may stop responding. (CVE-2019-6680) Impact This issue does not impact BIG-IP Virtual Edition (VE) systems, or appliances without a high-speed bridge. On hardware platforms with a high-speed bridge, this vulnerability allows remote attackers to cause a denial of service (DoS) on the BIG-IP system. The following hardware appliances do not have a high-speed bridge and are not affected by this vulnerability. All other platforms are vulnerable. Non-vulnerable platforms : BIG-IP 2000 BIG-IP 4000 BIG-IP 3600 BIG-IP 1600 In addition, this issue only affects a standard virtual server that sends traffic to a FastL4 virtual server on the same physical BIG-IP system, and the same vCMP guest in the case of vCMP. This issue does not affect a FastL4 virtual server that sends traffic to another FastL4 virtual server, nor does it affect a FastL4 virtual server that sends traffic to a standard virtual server. |
last seen | 2020-03-17 |
modified | 2019-12-31 |
plugin id | 132569 |
published | 2019-12-31 |
reporter | This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/132569 |
title | F5 Networks BIG-IP : TMM FastL4 vulnerability (K53183580) |