CVE-2019-6608

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions 11.5.1 through 11.6.3 F5 BIG-IP versions 12.1.0 through 12.1.3 F5 BIG-IP versions 13.0.0 through 13.1.1.1 F5 BIG-IP versions 14.0.0 through 14.0.0.2

Description The issue is related to a memory leak in the snmpd daemon when processing authorized SNMP requests under certain conditions on a multi-blade BIG-IP vCMP guest.

Recommendations For F5 BIG-IP versions 11.5.1 through 11.6.3, update to a version outside of this range to resolve the issue. For F5 BIG-IP versions 12.1.0 through 12.1.3, update to a version outside of this range to resolve the issue. For F5 BIG-IP versions 13.0.0 through 13.1.1.1, update to a version outside of this range to resolve the issue. For F5 BIG-IP versions 14.0.0 through 14.0.0.2, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to the snmpd daemon to minimize the risk of exploitation.