Denial of service in F5 Networks BIG-IP
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2019-11109 |
| CWE-ID | CWE-399 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
BIG-IP Hardware solutions / Firmware |
| Vendor | F5 Networks |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Resource management error
EUVDB-ID: #VU23814
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2019-11109
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to logic issues in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0. A local user can perform a denial of service attack.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
The following BIG-IP platforms are vulnerable:
- BIG-IP B2250, B4300, B4340N, B4450N
- BIG-IP 10000s, 10050s, 10150v-N, 10200v-S, 10250v, 10350v-N, 12250v
- VIPRION 2200
- BIG-IP i5000 series, i7000 series, i10000 series, i11000 series, i15000 series
BIG-IP: 11.5.2 - 15.0.1.1
CPE2.3 External linkshttp://support.f5.com/csp/article/K54164678
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
