VYPR
Unrated severityNVD Advisory· Published Dec 23, 2019· Updated Aug 4, 2024

CVE-2019-6684

CVE-2019-6684

Description

On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing (vCMP) may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of fragmentation-based attack.

Affected products

2
  • F5, Inc./Big IPllm-fuzzy2 versions
    15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, 11.5.2-11.6.5.1+ 1 more
    • (no CPE)range: 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, 11.5.2-11.6.5.1
    • (no CPE)range: 15.0.0-15.0.1.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.