CVE-2019-6665
CRITICAL
9.4
CVSS Severity Score
Vulnerability Description
On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, an attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise Manager/F5 iWorkflow will be able to set up the proxy the same way and intercept the traffic.
Affected Platforms (CPE)
📦
F5
Big Ip Application Security Manager
>= 13.1.0 and <= 13.1.3.1📦
F5
Big Ip Application Security Manager
>= 14.0.0 and <= 14.0.1📦
F5
Big Ip Application Security Manager
>= 14.1.0 and <= 14.1.2📦
F5
Big Ip Application Security Manager
>= 15.0.0 and <= 15.0.1📦
F5
Big Iq Centralized Management
>= 5.2.0 and <= 5.4.0📦
F5
Big Iq Centralized Management
= 6.0.0📦
F5
Enterprise Manager
= 3.1.1📦
F5