PT-2019-18234 · F5 · F5 Big-Iq
Published
2019-09-25
·
Updated
2023-02-03
·
CVE-2019-6652
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IQ versions 6.0.0 through 6.1.0
Description
The issue concerns a lack of authentication and Transport Layer Security (TLS) in services for statistics. This means that these services can be accessed without proper verification and encryption, potentially exposing sensitive data.
Recommendations
For F5 BIG-IQ versions 6.0.0 through 6.1.0, consider implementing authentication and enabling Transport Layer Security (TLS) for services related to statistics to mitigate the risk of unauthorized access.
Fix
Missing Authentication
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
F5 Big-Iq