Rewterz Threat Advisory – CVE-2019-6623 – F5 Multiple BIG-IP Products Denial of Service Vulnerability

July 3, 2019

Severity

Medium

Analysis Summary

An error when handling certain traffic related to BIG-IP iSession virtual can be exploited to can be exploited to cause a restart of the Traffic Management Microkernel (TMM).

Impact

Denial of Service

Affected Vendors

Affected Products

F5 BIG-IP Local Traffic Manager (LTM) 12.x
F5 BIG-IP Application Security Manager (ASM) 12.x
F5 BIG-IP Local Traffic Manager (LTM) 13.x
F5 BIG-IP Application Security Manager (ASM) 13.x
F5 BIG-IP Local Traffic Manager (LTM) 14.x
F5 BIG-IP Access Policy Manager (APM) 12.x
F5 BIG-IP Access Policy Manager (APM) 13.x
F5 BIG-IP Advanced Firewall Manager (AFM) 12.x
F5 BIG-IP Advanced Firewall Manager (AFM) 13.x
F5 TMOS 12.x
F5 BIG-IP DNS (formerly Global Traffic Manager (GTM)) 12.x

Remediation

Update to version 12.1.4.1, 13.1.1.5, 14.0.0.5, or 14.1.0.6.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Local Privilege Escalation to Root via Sudo chroot in Linux

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – E-Invoice dropping Danabot Banking Trojan

Rewterz Threat Advisory – CVE-2019-6819 – Schneider Electric Modicon Controllers Denial of Service Vulnerability