CVE-2019-6628 : Security Advisory and Response

CVE-2019-6628 affects F5's BIG-IP PEM versions 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4 and can lead to unexpected restarts of the TMM process. This article covers the impact of the vulnerability, mitigation steps, and long-term security practices.

Understanding CVE-2019-6628

This section delves into the details of the CVE-2019-6628 vulnerability affecting BIG-IP PEM.

What is CVE-2019-6628?

The TMM process on BIG-IP PEM versions 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4 may restart unexpectedly when handling traffic involving the OpenVPN classifier under specific circumstances.

The Impact of CVE-2019-6628

The vulnerability could result in a Denial of Service (DoS) condition due to the TMM process restarting during the processing of BIG-IP PEM traffic with the OpenVPN classifier.

Technical Details of CVE-2019-6628

This section provides technical insights into the CVE-2019-6628 vulnerability.

Vulnerability Description

Under certain conditions, the TMM process on BIG-IP PEM 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4 may terminate and restart while handling traffic with the OpenVPN classifier.

Affected Systems and Versions

        Product: BIG-IP PEM
        Vendor: F5
        Affected Versions: 14.1.0-14.1.0.5, 14.0.0-14.0.0.4
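
The version ranges above, turned into an inventory check (an added example, not code from F5 or from this article). The hostnames, the inventory rows and the pem_provisioned flag are constructed for illustration; versions are compared numerically so that a string such as 14.1.0.10 is not mistaken for a release inside 14.1.0-14.1.0.5.

```python
# Inclusive ranges from the "Affected Versions" line of this advisory.
AFFECTED_RANGES = [
    ((14, 1, 0, 0), (14, 1, 0, 5)),
    ((14, 0, 0, 0), (14, 0, 0, 4)),
]

def parse_version(text):
    """Turn '14.1.0.3' into (14, 1, 0, 3); pad short forms such as '14.1.0'."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (4 - len(nums)))

def in_affected_range(version_text):
    """True if the version falls inside either listed range (numeric compare)."""
    v = parse_version(version_text)
    return any(low <= v <= high for low, high in AFFECTED_RANGES)

def triage(inventory):
    """Map host -> status for rows of (host, version, pem_provisioned)."""
    results = {}
    for host, version, pem in inventory:
        try:
            hit = in_affected_range(version)
        except ValueError:
            results[host] = "review manually"  # unparseable version string
            continue
        if hit and pem:
            results[host] = "affected"
        elif hit:
            results[host] = "in range, PEM not provisioned"
        else:
            results[host] = "outside listed ranges"
    return results

# Constructed inventory: hostnames, versions and the PEM flag are made up.
SAMPLE = [
    ("bigip-a", "14.1.0.3", True),
    ("bigip-b", "14.1.0.10", True),   # numerically above 14.1.0.5
    ("bigip-c", "14.0.0", False),     # short form of 14.0.0.0
    ("bigip-d", "14.1.x", True),      # not a parseable version
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

"Outside listed ranges" means only that the version is not in the ranges this page gives; it says nothing about which release carries the fix.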

Exploitation Mechanism

The vulnerability is triggered while BIG-IP PEM processes traffic involving the OpenVPN classifier, causing the TMM process to restart.

Mitigation and Prevention

Learn how to mitigate and prevent the CVE-2019-6628 vulnerability.

Immediate Steps to Take

        Apply vendor-provided patches promptly.
        Monitor F5 advisories for updates.
        Implement network segmentation to limit exposure.

Long-Term Security Practices

        Regularly update and patch F5 devices.
        Conduct security assessments and audits.
        Enhance network monitoring and anomaly detection.

Patching and Updates

Stay informed about security patches and updates from F5 to address the CVE-2019-6628 vulnerability.
