5
CVSSv2

CVE-2019-6602

Published: 28/03/2019 Updated: 03/04/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

F5 BIG-IP could allow a remote malicious user to bypass security restrictions, caused by the return of an inconsistent HTTP response when processing modified requests by the Configuration utility login page. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass restrictions and gain access to the device.

Vulnerability Trend

Affected Products

Vendor Product Versions
F5Big-ip Access Policy Manager11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.6.1, 11.6.2, 11.6.3
F5Big-ip Advanced Firewall Manager11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.6.1, 11.6.2, 11.6.3
F5Big-ip Analytics11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.6.1, 11.6.2, 11.6.3
F5Big-ip Application Acceleration Manager11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.6.1, 11.6.2, 11.6.3
F5Big-ip Application Security Manager11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.6.1, 11.6.2, 11.6.3
F5Big-ip Domain Name System11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.6.1, 11.6.2, 11.6.3
F5Big-ip Edge Gateway11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.6.1, 11.6.2, 11.6.3
F5Big-ip Fraud Protection Service11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.6.1, 11.6.2, 11.6.3
F5Big-ip Global Traffic Manager11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.6.1, 11.6.2, 11.6.3
F5Big-ip Link Controller11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.6.1, 11.6.2, 11.6.3
F5Big-ip Local Traffic Manager11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.6.1, 11.6.2, 11.6.3
F5Big-ip Policy Enforcement Manager11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.6.1, 11.6.2, 11.6.3
F5Big-ip Webaccelerator11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.6.1, 11.6.2, 11.6.3