CVE-2019-6660 - Vulnerability Details

Vendors	Products
F5	Big-ip Access Policy Manager Big-ip Advanced Firewall Manager Big-ip Analytics Big-ip Application Acceleration Manager Big-ip Application Security Manager Big-ip Domain Name System Big-ip Edge Gateway Big-ip Fraud Protection Service Big-ip Global Traffic Manager Big-ip Link Controller Big-ip Local Traffic Manager Big-ip Policy Enforcement Manager Big-ip Webaccelerator

Link	Providers
https://support.f5.com/csp/article/K23860356

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "BIG-IP", "vendor": "n/a", "versions": [{"status": "affected", "version": "14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.1"}]}], "descriptions": [{"lang": "en", "value": "On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service."}], "problemTypes": [{"descriptions": [{"description": "DoS", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-11-15T20:31:33", "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.f5.com/csp/article/K23860356"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "f5sirt@f5.com", "ID": "CVE-2019-6660", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "BIG-IP", "version": {"version_data": [{"version_value": "14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "DoS"}]}]}, "references": {"reference_data": [{"name": "https://support.f5.com/csp/article/K23860356", "refsource": "MISC", "url": "https://support.f5.com/csp/article/K23860356"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T20:31:02.513Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.f5.com/csp/article/K23860356"}]}]}, "cveMetadata": {"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "assignerShortName": "f5", "cveId": "CVE-2019-6660", "datePublished": "2019-11-15T20:31:33", "dateReserved": "2019-01-22T00:00:00", "dateUpdated": "2024-08-04T20:31:02.513Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : BIG-IP (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.1 (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : DoS (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2019-11-15T20:31:33 (string)

orgId : 9dacffd4-cb11-413f-8451-fbbfd4ddc0ab (string)

shortName : f5 (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.f5.com/csp/article/K23860356 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : f5sirt@f5.com (string)

ID : CVE-2019-6660 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : BIG-IP (string)

version : { »

version_data : [ »

0 : { »

version_value : 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.1 (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : DoS (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://support.f5.com/csp/article/K23860356 (string)

refsource : MISC (string)

url : https://support.f5.com/csp/article/K23860356 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T20:31:02.513Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.f5.com/csp/article/K23860356 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 9dacffd4-cb11-413f-8451-fbbfd4ddc0ab (string)

assignerShortName : f5 (string)

cveId : CVE-2019-6660 (string)

datePublished : 2019-11-15T20:31:33 (string)

dateReserved : 2019-01-22T00:00:00 (string)

dateUpdated : 2024-08-04T20:31:02.513Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "77A8EFA2-50FD-4187-A6F2-7E05A10585E5", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "58C8E163-2A45-4C64-A7C2-5686C1EB3C78", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "83963214-62C5-49F7-BA25-0D2440C910E8", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "13B9A1CD-831E-4026-81B8-DDB390D2A918", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E17D443D-9E5D-4F41-A539-6D7842B21E25", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "650355BC-70D0-49C2-9256-8D256A145038", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F3F7128-293E-4489-B2F2-E47B307D8855", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FA8C03D-3661-446D-B502-BEB52B7B6305", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB4031E1-43D6-4B54-BF77-AAB8B29399C3", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5F74476-72A3-4A29-BFB4-C908288B5DAD", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1503B2F8-3549-4E52-87E9-6F0FD91F1428", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5BEBE938-67A7-43E8-8973-E749ACC32F64", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "332440D2-9E8D-4E9A-8CCB-224734F85DD9", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8BA9BE0-1646-41EF-BCE2-7BD4021196C5", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB776539-CD9F-4447-A2DC-9B7EF4DFE341", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "F1C3876D-E0E3-4D3A-AE2E-B84DC815AA83", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7B34FC0-168E-4CA8-B1F4-BDC0D2213280", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE667B60-8CA7-478E-AD76-1BDEBAE5A691", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "C7CB6D51-13EF-4E31-9D07-2A6596BED7B3", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "678B7FC3-6796-4159-BF2B-8FAD49E0F566", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "F61C9261-F842-47EB-87C8-F284EA9818AA", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "FEAE3B73-78A2-41B4-BBB5-0EF3E8BC01AD", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0E47FF6-A851-4588-9F39-B292D4147AE6", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7D18CF1-5C74-4681-B356-CB2DD75DBF19", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE3B2238-5593-43D5-AFFC-7F3F5D7A0C4B", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D960933D-9476-4473-A3FB-0032C051BE50", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "0913B326-07B9-4133-8726-D5D34E7DB01B", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D2C10B3-8D78-42BD-9C3F-AFB5D231FD0E", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "44D33B41-F19D-4B46-9F9E-FC03051EBB0C", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD08072C-438D-41BF-976D-B1B006E55C1F", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "6129CC28-2FA8-4FD8-824B-5BB8FFC67D2D", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "63529AEA-8B74-4CA1-BADF-14514D243DC5", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A4D87CCF-ED81-4B69-9D02-D5B79082E0FF", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "4007A096-2F53-4FAA-9429-48ED292D576F", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "DE65180C-47C8-41CF-B6C7-181259605B2C", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA2E2944-484A-47B5-947A-10C3C09E6C33", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB5339E8-42D8-400E-B40C-42DF2153CD12", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "54E703A5-F9F1-4DDA-8B70-D3C6F51038B6", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "226F4AFF-1A4F-48ED-9B4E-8CD6043AB53C", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service."}, {"lang": "es", "value": "En BIG-IP versiones 14.1.0 hasta 14.1.2, 14.0.0 hasta 14.0.1 y 13.1.0 hasta 13.1.1, unas peticiones HTTP no divulgadas pueden consumir cantidades excesivas de recursos del sistema, lo que puede conllevar a una denegaci\u00f3n de servicio."}], "id": "CVE-2019-6660", "lastModified": "2024-11-21T04:46:54.230", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-11-15T21:15:11.293", "references": [{"source": "f5sirt@f5.com", "tags": ["Vendor Advisory"], "url": "https://support.f5.com/csp/article/K23860356"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.f5.com/csp/article/K23860356"}], "sourceIdentifier": "f5sirt@f5.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 77A8EFA2-50FD-4187-A6F2-7E05A10585E5 (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 58C8E163-2A45-4C64-A7C2-5686C1EB3C78 (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 83963214-62C5-49F7-BA25-0D2440C910E8 (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 13B9A1CD-831E-4026-81B8-DDB390D2A918 (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E17D443D-9E5D-4F41-A539-6D7842B21E25 (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 650355BC-70D0-49C2-9256-8D256A145038 (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3F3F7128-293E-4489-B2F2-E47B307D8855 (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0FA8C03D-3661-446D-B502-BEB52B7B6305 (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AB4031E1-43D6-4B54-BF77-AAB8B29399C3 (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F5F74476-72A3-4A29-BFB4-C908288B5DAD (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1503B2F8-3549-4E52-87E9-6F0FD91F1428 (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5BEBE938-67A7-43E8-8973-E749ACC32F64 (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 332440D2-9E8D-4E9A-8CCB-224734F85DD9 (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B8BA9BE0-1646-41EF-BCE2-7BD4021196C5 (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AB776539-CD9F-4447-A2DC-9B7EF4DFE341 (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F1C3876D-E0E3-4D3A-AE2E-B84DC815AA83 (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A7B34FC0-168E-4CA8-B1F4-BDC0D2213280 (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BE667B60-8CA7-478E-AD76-1BDEBAE5A691 (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* (string)

matchCriteriaId : C7CB6D51-13EF-4E31-9D07-2A6596BED7B3 (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 678B7FC3-6796-4159-BF2B-8FAD49E0F566 (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F61C9261-F842-47EB-87C8-F284EA9818AA (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FEAE3B73-78A2-41B4-BBB5-0EF3E8BC01AD (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A0E47FF6-A851-4588-9F39-B292D4147AE6 (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B7D18CF1-5C74-4681-B356-CB2DD75DBF19 (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EE3B2238-5593-43D5-AFFC-7F3F5D7A0C4B (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D960933D-9476-4473-A3FB-0032C051BE50 (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0913B326-07B9-4133-8726-D5D34E7DB01B (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 8D2C10B3-8D78-42BD-9C3F-AFB5D231FD0E (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 44D33B41-F19D-4B46-9F9E-FC03051EBB0C (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BD08072C-438D-41BF-976D-B1B006E55C1F (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6129CC28-2FA8-4FD8-824B-5BB8FFC67D2D (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 63529AEA-8B74-4CA1-BADF-14514D243DC5 (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A4D87CCF-ED81-4B69-9D02-D5B79082E0FF (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 4007A096-2F53-4FAA-9429-48ED292D576F (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

34 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DE65180C-47C8-41CF-B6C7-181259605B2C (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

35 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AA2E2944-484A-47B5-947A-10C3C09E6C33 (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

36 : { »

criteria : cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AB5339E8-42D8-400E-B40C-42DF2153CD12 (string)

versionEndExcluding : 13.1.3 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

37 : { »

criteria : cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 54E703A5-F9F1-4DDA-8B70-D3C6F51038B6 (string)

versionEndExcluding : 14.0.1.1 (string)

versionStartIncluding : 14.0.0 (string)

vulnerable : true (boolean)

}

38 : { »

criteria : cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 226F4AFF-1A4F-48ED-9B4E-8CD6043AB53C (string)

versionEndExcluding : 14.1.2.1 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service. (string)

}

1 : { »

lang : es (string)

value : En BIG-IP versiones 14.1.0 hasta 14.1.2, 14.0.0 hasta 14.0.1 y 13.1.0 hasta 13.1.1, unas peticiones HTTP no divulgadas pueden consumir cantidades excesivas de recursos del sistema, lo que puede conllevar a una denegación de servicio. (string)

}

]

id : CVE-2019-6660 (string)

lastModified : 2024-11-21T04:46:54.230 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2019-11-15T21:15:11.293 (string)

references : [ »

0 : { »

source : f5sirt@f5.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.f5.com/csp/article/K23860356 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.f5.com/csp/article/K23860356 (string)

}

]

sourceIdentifier : f5sirt@f5.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-400 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object