F5 BIG-IP/BIG-IQ/iWorkflow/Enterprise Manager Configuration Utility Login Page Request unknown vulnerability
| CVSS Meta Temp Score | Current Exploit Price (โ) |
|---|---|
| 5.5 | $25k-$100k |
A vulnerability was found in F5 BIG-IP, BIG-IQ, iWorkflow and Enterprise Manager (Firewall Software) (affected version unknown). It has been declared as critical. Affected by this vulnerability is an unknown code block of the component Configuration Utility Login Page. The manipulation as part of a Request leads to a unknown weakness. The impact remains unknown. The summary by CVE is:
In BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.5.1-11.6.4, BIG-IQ 7.0.0, 6.0.0-6.1.0,5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, the Configuration utility login page may not follow best security practices when handling a malicious request.
The weakness was published 09/25/2019. This vulnerability is known as CVE-2019-6651 since 01/22/2019. The technical details are unknown and an exploit is not publicly available. The pricing for an exploit might be around USD $25k-$100k at the moment (estimation calculated on 09/26/2019).
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Type
Vendor
Name
Class: Unknown
Local: Yes
Remote: No
Availability: ๐
Status: Not defined
Price Prediction: ๐
Current Price Estimation: ๐
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Threat: ๐
Adversaries: ๐
Geopolitics: ๐
Economy: ๐
Predictions: ๐
Remediation: ๐Recommended: no mitigation known
0-Day Time: ๐
01/22/2019 CVE assigned
09/25/2019 Advisory disclosed
09/26/2019 VulDB entry created
09/26/2019 VulDB last updateVendor: f5.com
CVE: CVE-2019-6651 (๐)Created: 09/26/2019 12:53 PM
Complete: ๐
Check our Alexa App!
https://vuldb.com/?id.142315
Gloss