VYPR
Unrated severityNVD Advisory· Published Sep 4, 2019· Updated Aug 4, 2024

CVE-2019-6644

CVE-2019-6644

Description

Similar to the issue identified in CVE-2018-12120, on versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, and 12.1.0-12.1.4 BIG-IP will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized users if the plugin is left in debug mode and the port is accessible.

Affected products

2
  • F5/BIG-IPdescription
  • F5, Inc./Big IPllm-fuzzy
    Range: 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, and 12.1.0-12.1.4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.