National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2019-6649

Change History

Initial Analysis - 10/3/2019 12:13:38 PM

Action Type Old Value New Value
Changed Reference Type
https://support.f5.com/csp/article/K05123525 No Types Assigned
https://support.f5.com/csp/article/K05123525 Vendor Advisory
Added CWE
CWE-200
Added CVSS V2
NIST (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Added CVSS V3.1
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_analytics:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_analytics:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_domain_name_system:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_domain_name_system:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_edge_gateway:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_edge_gateway:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_link_controller:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_link_controller:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 11.5.2 up to (including) 11.5.9
     *cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 11.6.1 up to (including) 11.6.4
     *cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (including) 12.1.4
     *cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (including) 13.1.1
     *cpe:2.3:a:f5:big-ip_webaccelerator:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_webaccelerator:14.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*