CVE-2019-6665 : What You Need to Know

Learn about CVE-2019-6665 affecting F5 products like BIG-IP ASM, BIG-IQ, iWorkflow, and Enterprise Manager. Find out how attackers can intercept traffic and how to mitigate the vulnerability.

A vulnerability in F5 products allows attackers to configure the proxy and intercept traffic between devices.

Understanding CVE-2019-6665

What is CVE-2019-6665?

The vulnerability affects various F5 products, including BIG-IP ASM, BIG-IQ, iWorkflow, and Enterprise Manager, enabling attackers to manipulate device communication.

The Impact of CVE-2019-6665

The vulnerability permits attackers to intercept traffic between BIG-IP ASM Central Policy Builder and BIG-IQ/Enterprise Manager/F5 iWorkflow, potentially leading to unauthorized configuration changes and data interception.

Technical Details of CVE-2019-6665

Vulnerability Description

The flaw in F5 products allows attackers to exploit the proxy configuration, compromising the communication between devices.

Affected Systems and Versions

        BIG-IP ASM versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1
        BIG-IQ versions 6.0.0, 5.2.0-5.4.0
        iWorkflow version 2.3.0
        Enterprise Manager version 3.1.1
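
To check an asset inventory against the ranges listed above, the following added example (not code from F5 or from this page's author) compares dotted version strings component by component. The inventory format, hostnames and function names are assumptions made for illustration. Versions are zero-padded to four components, so a build with an extra component beyond a listed upper bound is treated as outside that range.

```python
import re

# Affected ranges exactly as listed on this page (inclusive bounds).
AFFECTED = {
    "big-ip asm": [("15.0.0", "15.0.1"), ("14.1.0", "14.1.2"),
                   ("14.0.0", "14.0.1"), ("13.1.0", "13.1.3.1")],
    "big-iq": [("6.0.0", "6.0.0"), ("5.2.0", "5.4.0")],
    "iworkflow": [("2.3.0", "2.3.0")],
    "enterprise manager": [("3.1.1", "3.1.1")],
}

def parse_version(text, width=4):
    """'13.1.3.1' -> (13, 1, 3, 1); shorter versions are zero-padded."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+){0,%d}" % (width - 1), text):
        raise ValueError("unrecognised version: %r" % text)
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (width - len(parts)))

def is_affected(product, version):
    """True if version falls inside a range listed for product."""
    v = parse_version(version)
    ranges = AFFECTED.get(product.strip().lower(), [])
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in ranges)

def audit(inventory_text):
    """Map hostname -> 'affected' | 'not listed' | 'unparsed'."""
    results = {}
    for line in inventory_text.strip().splitlines():
        fields = [f.strip() for f in line.split(",")]
        if len(fields) != 3:
            continue  # skip malformed rows
        host, product, version = fields
        try:
            hit = is_affected(product, version)
            results[host] = "affected" if hit else "not listed"
        except ValueError:
            results[host] = "unparsed"  # needs manual review, not a pass
    return results

# Constructed sample inventory (hostname,product,version); not real hosts.
SAMPLE = """
waf-01,BIG-IP ASM,13.1.3.1
waf-02,BIG-IP ASM,13.1.3.2
mgmt-01,BIG-IQ,5.3.0
mgmt-02,BIG-IQ,7.0.0
lb-09,BIG-IP ASM,unknown
"""

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(host, status)
```

A result of "not listed" only means the version is outside the ranges on this page; confirm fixed releases against the vendor advisory before closing a finding.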

Exploitation Mechanism

An attacker with access to the communication between the devices can configure the proxy in the same way and intercept the traffic.

Mitigation and Prevention

Immediate Steps to Take

        Apply vendor-supplied patches promptly
        Monitor network traffic for any suspicious activity
        Restrict access to critical devices

Long-Term Security Practices

        Regularly update and patch F5 products
        Implement network segmentation to limit the attack surface

Patching and Updates

Ensure all F5 products are updated with the latest security patches to mitigate the vulnerability.
