PT-2019-18247 · F5 · Enterprise Manager+3

Published: 2019-11-27 · Updated: 2020-08-24 · CVE-2019-6665

CVSS v3.1: 9.4 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions

BIG-IP ASM versions 13.1.0 through 13.1.3.1
BIG-IP ASM versions 14.0.0 through 14.0.1
BIG-IP ASM versions 14.1.0 through 14.1.2
BIG-IP ASM versions 15.0.0 through 15.0.1
BIG-IQ versions 5.2.0 through 5.4.0
BIG-IQ version 6.0.0
Enterprise Manager version 3.1.1
iWorkflow version 2.3.0

Description

An attacker with access to device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise Manager/F5 iWorkflow can set up a proxy to intercept traffic.

Recommendations

For BIG-IP ASM versions 13.1.0 through 13.1.3.1, update to a version outside of this range to resolve the issue.
For BIG-IP ASM versions 14.0.0 through 14.0.1, update to a version outside of this range to resolve the issue.
For BIG-IP ASM versions 14.1.0 through 14.1.2, update to a version outside of this range to resolve the issue.
For BIG-IP ASM versions 15.0.0 through 15.0.1, update to a version outside of this range to resolve the issue.
For BIG-IQ versions 5.2.0 through 5.4.0, update to a version outside of this range to resolve the issue.
For BIG-IQ version 6.0.0, update to a version outside of this range to resolve the issue.
For Enterprise Manager version 3.1.1, update to a version outside of this range to resolve the issue.
For iWorkflow version 2.3.0, update to a version outside of this range to resolve the issue.

Fix

Related Identifiers

CVE-2019-6665

Affected Products

BIG-IP ASM
BIG-IQ
Enterprise Manager
iWorkflow