CVE-2019-6611

First published: Fri May 03 2019(Updated: )

When BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8 are processing certain rare data sequences occurring in PPTP VPN traffic, the BIG-IP system may execute incorrect logic. The TMM may restart and produce a core file as a result of this condition. The BIG-IP system provisioned with the CGNAT module and configured with a virtual server using a PPTP profile is exposed to this vulnerability.

Credit: f5sirt@f5.com

Affected Software	Affected Version	How to fix
F5 BIG-IP Access Policy Manager	>=11.5.2<11.5.9
F5 BIG-IP Access Policy Manager	>=11.6.1<11.6.4
F5 BIG-IP Access Policy Manager	>=12.1.0<12.1.4.1
F5 BIG-IP Access Policy Manager	>=13.0.0<13.1.1.5
F5 BIG-IP Access Policy Manager	>=14.0.0<14.1.0.2
F5 BIG-IP Advanced Firewall Manager	>=11.5.2<11.5.9
F5 BIG-IP Advanced Firewall Manager	>=11.6.1<11.6.4
F5 BIG-IP Advanced Firewall Manager	>=12.1.0<12.1.4.1
F5 BIG-IP Advanced Firewall Manager	>=13.0.0<13.1.1.5
F5 BIG-IP Advanced Firewall Manager	>=14.0.0<14.1.0.2
F5 Big-ip Application Acceleration Manager	>=11.5.2<11.5.9
F5 Big-ip Application Acceleration Manager	>=11.6.1<11.6.4
F5 Big-ip Application Acceleration Manager	>=12.1.0<12.1.4.1
F5 Big-ip Application Acceleration Manager	>=13.0.0<13.1.1.5
F5 Big-ip Application Acceleration Manager	>=14.0.0<14.1.0.2
F5 Big-ip Link Controller	>=11.5.2<11.5.9
F5 Big-ip Link Controller	>=11.6.1<11.6.4
F5 Big-ip Link Controller	>=12.1.0<12.1.4.1
F5 Big-ip Link Controller	>=13.0.0<13.1.1.5
F5 Big-ip Link Controller	>=14.0.0<14.1.0.2
F5 Big-ip Policy Enforcement Manager	>=11.5.2<11.5.9
F5 Big-ip Policy Enforcement Manager	>=11.6.1<11.6.4
F5 Big-ip Policy Enforcement Manager	>=12.1.0<12.1.4.1
F5 Big-ip Policy Enforcement Manager	>=13.0.0<13.1.1.5
F5 Big-ip Policy Enforcement Manager	>=14.0.0<14.1.0.2
F5 Big-ip Webaccelerator	>=11.5.2<11.5.9
F5 Big-ip Webaccelerator	>=11.6.1<11.6.4
F5 Big-ip Webaccelerator	>=12.1.0<12.1.4.1
F5 Big-ip Webaccelerator	>=13.0.0<13.1.1.5
F5 Big-ip Webaccelerator	>=14.0.0<14.1.0.2
F5 BIG-IP Application Security Manager	>=11.5.2<11.5.9
F5 BIG-IP Application Security Manager	>=11.6.1<11.6.4
F5 BIG-IP Application Security Manager	>=12.1.0<12.1.4.1
F5 BIG-IP Application Security Manager	>=13.0.0<13.1.1.5
F5 BIG-IP Application Security Manager	>=14.0.0<14.1.0.2
F5 Big-ip Local Traffic Manager	>=11.5.2<11.5.9
F5 Big-ip Local Traffic Manager	>=11.6.1<11.6.4
F5 Big-ip Local Traffic Manager	>=12.1.0<12.1.4.1
F5 Big-ip Local Traffic Manager	>=13.0.0<13.1.1.5
F5 Big-ip Local Traffic Manager	>=14.0.0<14.1.0.2
F5 Big-ip Fraud Protection Service	>=11.5.2<11.5.9
F5 Big-ip Fraud Protection Service	>=11.6.1<11.6.4
F5 Big-ip Fraud Protection Service	>=12.1.0<12.1.4.1
F5 Big-ip Fraud Protection Service	>=13.0.0<13.1.1.5
F5 Big-ip Fraud Protection Service	>=14.0.0<14.1.0.2
F5 Big-ip Global Traffic Manager	>=11.5.2<11.5.9
F5 Big-ip Global Traffic Manager	>=11.6.1<11.6.4
F5 Big-ip Global Traffic Manager	>=12.1.0<12.1.4.1
F5 Big-ip Global Traffic Manager	>=13.0.0<13.1.1.5
F5 Big-ip Global Traffic Manager	>=14.0.0<14.1.0.2
F5 BIG-IP Analytics	>=11.5.2<11.5.9
F5 BIG-IP Analytics	>=11.6.1<11.6.4
F5 BIG-IP Analytics	>=12.1.0<12.1.4.1
F5 BIG-IP Analytics	>=13.0.0<13.1.1.5
F5 BIG-IP Analytics	>=14.0.0<14.1.0.2
F5 Big-ip Edge Gateway	>=11.5.2<11.5.9
F5 Big-ip Edge Gateway	>=11.6.1<11.6.4
F5 Big-ip Edge Gateway	>=12.1.0<12.1.4.1
F5 Big-ip Edge Gateway	>=13.0.0<13.1.1.5
F5 Big-ip Edge Gateway	>=14.0.0<14.1.0.2
F5 Big-ip Domain Name System	>=11.5.2<11.5.9
F5 Big-ip Domain Name System	>=11.6.1<11.6.4
F5 Big-ip Domain Name System	>=12.1.0<12.1.4.1
F5 Big-ip Domain Name System	>=13.0.0<13.1.1.5
F5 Big-ip Domain Name System	>=14.0.0<14.1.0.2

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
agent/severity
agent/references
agent/author
agent/type
agent/event
agent/description
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
vendor/f5
canonical/f5 big-ip access policy manager
version/f5 big-ip access policy manager/11.5.2
version/f5 big-ip access policy manager/11.6.1
version/f5 big-ip access policy manager/12.1.0
version/f5 big-ip access policy manager/13.0.0
version/f5 big-ip access policy manager/14.0.0
canonical/f5 big-ip advanced firewall manager
version/f5 big-ip advanced firewall manager/11.5.2
version/f5 big-ip advanced firewall manager/11.6.1
version/f5 big-ip advanced firewall manager/12.1.0
version/f5 big-ip advanced firewall manager/13.0.0
version/f5 big-ip advanced firewall manager/14.0.0
canonical/f5 big-ip application acceleration manager
version/f5 big-ip application acceleration manager/11.5.2
version/f5 big-ip application acceleration manager/11.6.1
version/f5 big-ip application acceleration manager/12.1.0
version/f5 big-ip application acceleration manager/13.0.0
version/f5 big-ip application acceleration manager/14.0.0
canonical/f5 big-ip link controller
version/f5 big-ip link controller/11.5.2
version/f5 big-ip link controller/11.6.1
version/f5 big-ip link controller/12.1.0
version/f5 big-ip link controller/13.0.0
version/f5 big-ip link controller/14.0.0
canonical/f5 big-ip policy enforcement manager
version/f5 big-ip policy enforcement manager/11.5.2
version/f5 big-ip policy enforcement manager/11.6.1
version/f5 big-ip policy enforcement manager/12.1.0
version/f5 big-ip policy enforcement manager/13.0.0
version/f5 big-ip policy enforcement manager/14.0.0
canonical/f5 big-ip webaccelerator
version/f5 big-ip webaccelerator/11.5.2
version/f5 big-ip webaccelerator/11.6.1
version/f5 big-ip webaccelerator/12.1.0
version/f5 big-ip webaccelerator/13.0.0
version/f5 big-ip webaccelerator/14.0.0
canonical/f5 big-ip application security manager
version/f5 big-ip application security manager/11.5.2
version/f5 big-ip application security manager/11.6.1
version/f5 big-ip application security manager/12.1.0
version/f5 big-ip application security manager/13.0.0
version/f5 big-ip application security manager/14.0.0
canonical/f5 big-ip local traffic manager
version/f5 big-ip local traffic manager/11.5.2
version/f5 big-ip local traffic manager/11.6.1
version/f5 big-ip local traffic manager/12.1.0
version/f5 big-ip local traffic manager/13.0.0
version/f5 big-ip local traffic manager/14.0.0
canonical/f5 big-ip fraud protection service
version/f5 big-ip fraud protection service/11.5.2
version/f5 big-ip fraud protection service/11.6.1
version/f5 big-ip fraud protection service/12.1.0
version/f5 big-ip fraud protection service/13.0.0
version/f5 big-ip fraud protection service/14.0.0
canonical/f5 big-ip global traffic manager
version/f5 big-ip global traffic manager/11.5.2
version/f5 big-ip global traffic manager/11.6.1
version/f5 big-ip global traffic manager/12.1.0
version/f5 big-ip global traffic manager/13.0.0
version/f5 big-ip global traffic manager/14.0.0
canonical/f5 big-ip analytics
version/f5 big-ip analytics/11.5.2
version/f5 big-ip analytics/11.6.1
version/f5 big-ip analytics/12.1.0
version/f5 big-ip analytics/13.0.0
version/f5 big-ip analytics/14.0.0
canonical/f5 big-ip edge gateway
version/f5 big-ip edge gateway/11.5.2
version/f5 big-ip edge gateway/11.6.1
version/f5 big-ip edge gateway/12.1.0
version/f5 big-ip edge gateway/13.0.0
version/f5 big-ip edge gateway/14.0.0
canonical/f5 big-ip domain name system
version/f5 big-ip domain name system/11.5.2
version/f5 big-ip domain name system/11.6.1
version/f5 big-ip domain name system/12.1.0
version/f5 big-ip domain name system/13.0.0
version/f5 big-ip domain name system/14.0.0

CVE-2019-6611

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact