CVE-2019-6664

Published: Nov 15, 2019
Updated: Apr 13, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2019-6664" target="_blank" rel="noopener"> CVE-2019-6664
Severity: High
Exploit:

On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices.

CVSS v3:

CVSS v2:

No CWE or OWASP classifications available.

Software	From	Fixed in
f5 / big-ip_advanced_firewall_manager	15.0.0	15.0.0.x
f5 / big-ip_access_policy_manager	15.0.0	15.0.0.x
f5 / big-ip_application_acceleration_manager	15.0.0	15.0.0.x
f5 / big-ip_link_controller	15.0.0	15.0.0.x
f5 / big-ip_policy_enforcement_manager	15.0.0	15.0.0.x
f5 / big-ip_webaccelerator	15.0.0	15.0.0.x
f5 / big-ip_application_security_manager	15.0.0	15.0.0.x
f5 / big-ip_local_traffic_manager	15.0.0	15.0.0.x
f5 / big-ip_fraud_protection_service	15.0.0	15.0.0.x
f5 / big-ip_global_traffic_manager	15.0.0	15.0.0.x
f5 / big-ip_analytics	15.0.0	15.0.0.x
f5 / big-ip_edge_gateway	15.0.0	15.0.0.x
f5 / big-ip_domain_name_system	15.0.0	15.0.0.x
f5 / big-ip_access_policy_manager	14.1.0	14.1.2
f5 / big-ip_local_traffic_manager	14.1.0	14.1.2
f5 / big-ip_application_acceleration_manager	14.1.0	14.1.2
f5 / big-ip_advanced_firewall_manager	14.1.0	14.1.2
f5 / big-ip_analytics	14.1.0	14.1.2
f5 / big-ip_application_security_manager	14.1.0	14.1.2
f5 / big-ip_domain_name_system	14.1.0	14.1.2
f5 / big-ip_edge_gateway	14.1.0	14.1.2
f5 / big-ip_fraud_protection_service	14.1.0	14.1.2
f5 / big-ip_global_traffic_manager	14.1.0	14.1.2
f5 / big-ip_link_controller	14.1.0	14.1.2
f5 / big-ip_policy_enforcement_manager	14.1.0	14.1.2
f5 / big-ip_webaccelerator	14.1.0	14.1.2