SB2019112602 - Multiple vulnerabilities in F5 Networks BIG-IP products
Published: November 26, 2019 Updated: December 20, 2019
Description
This security bulletin contains information about 2 security vulnerabilities.
1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2019-6664)
The vulnerability allows a remote attacker to gain access to otherwise restricted functionality.
The vulnerability exists because, under certain conditions, the network protections on the management port do not follow current best practices: the default firewall rules for the management interface are not reliably reinstalled after first boot. As a result, the management interface can be exposed to a remote attacker.
2) Improper Certificate Validation (CVE-ID: CVE-2019-6687)
The vulnerability allows a remote attacker to perform a man-in-the-middle attack.
The vulnerability exists because the Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints. A remote attacker can perform a man-in-the-middle attack, intercept traffic destined for cloud services, and read and modify data that is in transit.
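Added illustration, not part of this bulletin or of F5's code: properly authenticating a remote endpoint's X.509 certificate means, beyond validating the chain, checking that the certificate actually names the endpoint being connected to. The hostname-matching rules below (SAN-first, left-most-label wildcard only) are a general RFC 6125-style check, and the sample certificate dictionary is constructed in the shape `ssl.SSLSocket.getpeercert()` returns.

```python
import ssl
from typing import Any, Mapping, Optional

def _label_matches(pattern: str, name: str) -> bool:
    """Match one dNSName pattern against a hostname.

    A wildcard is accepted only as the entire left-most label, only when
    at least two labels follow it (so "*.com" is refused), and it never
    spans a dot or matches an empty label. Comparison is case-insensitive.
    """
    pattern, name = pattern.lower().rstrip("."), name.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == name
    p_labels, n_labels = pattern.split("."), name.split(".")
    if len(p_labels) != len(n_labels) or len(p_labels) < 3:
        return False
    if p_labels[0] != "*" or "*" in pattern[2:]:
        return False
    return p_labels[1:] == n_labels[1:] and n_labels[0] != ""

def hostname_matches(cert: Mapping[str, Any], hostname: str) -> bool:
    """Return True if the peer certificate names the given hostname.

    When the certificate carries DNS subjectAltName entries only those
    count; the subject commonName is consulted only if no DNS SAN exists.
    """
    san_dns = [v for (k, v) in cert.get("subjectAltName", ()) if k == "DNS"]
    if san_dns:
        return any(_label_matches(p, hostname) for p in san_dns)
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return _label_matches(value, hostname)
    return False

def verifying_context(ca_bundle: Optional[str] = None) -> ssl.SSLContext:
    """TLS client context that rejects peers whose chain or name fails."""
    ctx = ssl.create_default_context(cafile=ca_bundle)
    ctx.verify_mode = ssl.CERT_REQUIRED   # chain must validate to a trusted CA
    ctx.check_hostname = True             # and the certificate must name the peer
    return ctx

# Constructed sample in the shape returned by ssl.SSLSocket.getpeercert()
SAMPLE_CERT = {
    "subject": ((("commonName", "cloud.example.net"),),),
    "subjectAltName": (("DNS", "api.example.net"), ("DNS", "*.svc.example.net")),
}
```

With a verifying context, `ssl` performs the hostname check itself; `hostname_matches` shows what that check has to reject.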
Remediation
Install the update from the vendor's website.