CVE-2019-6637

Name of the Vulnerable Software and Affected Versions BIG-IP (ASM) versions 12.1.0 through 12.1.4 BIG-IP (ASM) versions 13.0.0 through 13.1.1.4 BIG-IP (ASM) versions 14.0.0 through 14.0.0.4 BIG-IP (ASM) versions 14.1.0 through 14.1.0.5

Description The issue is related to the abuse of Application Security Manager (ASM) REST endpoints, which can cause instability in the BIG-IP system. This is due to excessive memory consumption, resulting in the Linux kernel triggering the OOM killer on arbitrary processes. The attack requires an authenticated user with a role of "Guest" or greater privilege.

Recommendations For BIG-IP (ASM) versions 12.1.0 through 12.1.4, consider restricting access to ASM REST endpoints to minimize the risk of exploitation. For BIG-IP (ASM) versions 13.0.0 through 13.1.1.4, consider restricting access to ASM REST endpoints to minimize the risk of exploitation. For BIG-IP (ASM) versions 14.0.0 through 14.0.0.4, consider restricting access to ASM REST endpoints to minimize the risk of exploitation. For BIG-IP (ASM) versions 14.1.0 through 14.1.0.5, consider restricting access to ASM REST endpoints to minimize the risk of exploitation.