Denial of service in F5 Networks BIG-IP

Published: 2019-12-28
Risk Low
Patch available NO
Number of vulnerabilities 1
CVE-ID CVE-2019-11109
Exploitation vector Local
Public exploit N/A
Vulnerable software
Hardware solutions / Firmware

Vendor F5 Networks

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Resource management error

EUVDB-ID: #VU23814

Risk: Low


CVE-ID: CVE-2019-11109

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No


The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to logic issues in the subsystem for Intel(R) SPS before versions SPS_E5_04., SPS_SoC-X_04. and SPS_SoC-A_04. A local user can perform a denial of service attack.


Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

The following BIG-IP platforms are vulnerable:

  • BIG-IP B2250, B4300, B4340N, B4450N
  • BIG-IP 10000s, 10050s, 10150v-N, 10200v-S, 10250v, 10350v-N, 12250v
  • VIPRION 2200
  • BIG-IP i5000 series, i7000 series, i10000 series, i11000 series, i15000 series

Vulnerable software versions

BIG-IP: 11.5.2 -

CPE2.3 External links

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?