CVE-2019-6688

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions 11.5.2 through 11.6.5 F5 BIG-IP versions 12.1.0 through 12.1.5 F5 BIG-IP versions 13.1.0 through 13.1.3.1 F5 BIG-IP versions 14.0.0 through 14.0.1 F5 BIG-IP versions 14.1.0 through 14.1.2.2 F5 BIG-IP versions 15.0.0 through 15.0.1.1 F5 BIG-IQ versions 5.2.0 through 5.4.0 F5 BIG-IQ versions 6.0.0 through 6.1.0

Description A security issue allows a user to obtain the secret used to encrypt a BIG-IP UCS backup file when sending an SNMP query to the BIG-IP or BIG-IQ system. However, the user cannot access the UCS files.

Recommendations For F5 BIG-IP versions 11.5.2 through 11.6.5, update to a fixed version to prevent the exposure of the encryption secret. For F5 BIG-IP versions 12.1.0 through 12.1.5, update to a fixed version to prevent the exposure of the encryption secret. For F5 BIG-IP versions 13.1.0 through 13.1.3.1, update to a fixed version to prevent the exposure of the encryption secret. For F5 BIG-IP versions 14.0.0 through 14.0.1, update to a fixed version to prevent the exposure of the encryption secret. For F5 BIG-IP versions 14.1.0 through 14.1.2.2, update to a fixed version to prevent the exposure of the encryption secret. For F5 BIG-IP versions 15.0.0 through 15.0.1.1, update to a fixed version to prevent the exposure of the encryption secret. For F5 BIG-IQ versions 5.2.0 through 5.4.0, update to a fixed version to prevent the exposure of the encryption secret. For F5 BIG-IQ versions 6.0.0 through 6.1.0, update to a fixed version to prevent the exposure of the encryption secret.