CVE-2019-6614
CVE-2019-6614
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
03 May 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, internal methods used to prevent arbitrary file overwrites in Appliance Mode were not fully effective. An authenticated attacker with a high privilege level may be able to bypass protections implemented in appliance mode to overwrite arbitrary system files.
Affected products
F5 · BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →