CVE-2019-6673: Security Advisory and Response

Learn about CVE-2019-6673, a vulnerability in F5 BIG-IP versions 15.0.0-15.0.1 and 14.0.0-14.1.2 that could lead to a denial of service attack. Find mitigation steps and preventive measures here.

A vulnerability in F5 BIG-IP versions 15.0.0-15.0.1 and 14.0.0-14.1.2 could allow for a denial of service (DoS) attack when configured in HTTP/2 Full Proxy mode.

Understanding CVE-2019-6673

If the BIG-IP is set up in HTTP/2 Full Proxy mode on affected versions, carefully crafted requests can disrupt the service provided by the Traffic Management Microkernel (TMM).

What is CVE-2019-6673?

This CVE identifies a vulnerability in F5 BIG-IP versions 15.0.0-15.0.1 and 14.0.0-14.1.2 that could be exploited to cause a denial of service (DoS) condition.

The Impact of CVE-2019-6673

The vulnerability allows attackers to send specially crafted requests that may lead to a disruption of services provided by the TMM, impacting the availability of the system.

Technical Details of CVE-2019-6673

The technical aspects of the vulnerability are as follows:

Vulnerability Description

When the affected versions of BIG-IP are in HTTP/2 Full Proxy mode, specific requests can interrupt the service provided by the TMM.

Affected Systems and Versions

        Product: BIG-IP
        Vendor: F5
        Versions: 15.0.0-15.0.1, 14.0.0-14.1.2

Exploitation Mechanism

Attackers can exploit this vulnerability by sending carefully crafted requests to the affected system, causing a DoS condition.

Mitigation and Prevention

To address CVE-2019-6673, consider the following steps:

Immediate Steps to Take

        Apply vendor-provided patches or updates promptly.
        Implement network-level controls to filter out malicious traffic.

Long-Term Security Practices

        Regularly monitor and audit network traffic for anomalies.
        Keep systems up to date with the latest security patches and configurations.

Patching and Updates

Ensure timely installation of security patches and updates provided by F5 to mitigate the vulnerability.
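
To triage an inventory against the affected versions and the HTTP/2 Full Proxy condition given on this page, the following added example (not F5 or vendor code) classifies each device. The CSV columns, hostnames and sample rows are constructed for illustration, and point releases beyond the three-part versions the page lists are flagged for manual review rather than decided.

```python
import csv
import io

# Affected ranges exactly as listed on this page (inclusive bounds).
AFFECTED = [((15, 0, 0), (15, 0, 1)), ((14, 0, 0), (14, 1, 2))]

# Constructed sample inventory; hostnames and column names are hypothetical.
SAMPLE_INVENTORY = """host,version,http2_full_proxy
ltm-edge-01,15.0.1,yes
ltm-edge-02,14.1.2,no
ltm-core-01,14.1.2.3,yes
ltm-core-02,13.1.3,yes
ltm-lab-01,15.1.0,yes
ltm-lab-02,14.1,yes
"""

def classify(version, full_proxy):
    """Return a triage label for one device."""
    try:
        parts = tuple(int(p) for p in version.strip().split("."))
    except ValueError:
        return "review: unparseable version"
    if len(parts) < 3:
        return "review: incomplete version"
    base, point = parts[:3], parts[3:]
    for low, high in AFFECTED:
        if low <= base <= high:
            # Assumption: the page lists three-part versions only, so a point
            # release on the upper bound (e.g. 14.1.2.x) is not decided here.
            if base == high and any(point):
                return "review: point release on range boundary"
            if full_proxy:
                return "exposed: patch now"
            return "affected version, mode not enabled: patch"
    return "not listed"

def triage(inventory_csv):
    """Map each host in the CSV text to its triage label."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {
        r["host"]: classify(r["version"], r["http2_full_proxy"].strip().lower() == "yes")
        for r in rows
    }

if __name__ == "__main__":
    for host, label in triage(SAMPLE_INVENTORY).items():
        print(f"{host:12} {label}")
```

Devices labelled "review" need their exact build checked against F5's own advisory before being treated as fixed.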
