CVE-2019-6651

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions 15.0.0, 14.1.0 through 14.1.0.6, 14.0.0 through 14.0.0.5, 13.0.0 through 13.1.1.5, 12.1.0 through 12.1.4.1, 11.5.1 through 11.6.4 F5 BIG-IQ versions 7.0.0, 6.0.0 through 6.1.0, 5.2.0 through 5.4.0 F5 iWorkflow version 2.3.0 F5 Enterprise Manager version 3.1.1

Description The Configuration utility login page may not follow best security practices when handling a malicious request.

Recommendations For F5 BIG-IP versions 15.0.0, 14.1.0 through 14.1.0.6, 14.0.0 through 14.0.0.5, 13.0.0 through 13.1.1.5, 12.1.0 through 12.1.4.1, 11.5.1 through 11.6.4, consider updating to a version that addresses the security issue. For F5 BIG-IQ versions 7.0.0, 6.0.0 through 6.1.0, 5.2.0 through 5.4.0, consider updating to a version that addresses the security issue. For F5 iWorkflow version 2.3.0, consider updating to a version that addresses the security issue. For F5 Enterprise Manager version 3.1.1, consider updating to a version that addresses the security issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.