CVE-2019-6604 : Exploit Details and Defense Strategies

Learn about CVE-2019-6604 affecting BIG-IP products. Discover the impact, affected versions, and mitigation steps to prevent a DoS attack due to a High-Speed Bridge lockup.

A vulnerability in certain versions of BIG-IP can lead to a High-Speed Bridge lockup under specific conditions, affecting various products and versions.

Understanding CVE-2019-6604

In affected BIG-IP versions, the High-Speed Bridge can freeze under specific conditions on hardware systems with non-default Layer 2 forwarding configurations.

What is CVE-2019-6604?

The vulnerability can cause a lockup of the High-Speed Bridge on BIG-IP versions 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2.

The Impact of CVE-2019-6604

        A lockup of the High-Speed Bridge can result in a Denial of Service (DoS).

Technical Details of CVE-2019-6604

The vulnerability specifics and affected systems.

Vulnerability Description

Under certain conditions, hardware systems with a High-Speed Bridge and non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.

Affected Systems and Versions

        BIG-IP products including LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator
        Versions: 11.5.1-11.5.8, 11.6.1-11.6.3.4, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, 14.0.0-14.0.0.2
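
For inventory triage, the version ranges in the list above can be checked mechanically. The following is an added example, not code from F5 or from the original page; the hostnames and versions in the sample inventory are constructed, and treating a three-part upper bound (11.5.8) as covering its point releases is an assumption made so the check errs toward flagging.

```python
# Added example, not F5 or page code. Ranges copied from the page's
# "Affected Systems and Versions" list.
AFFECTED_RANGES = [
    ("11.5.1", "11.5.8"),
    ("11.6.1", "11.6.3.4"),
    ("12.1.0", "12.1.3.6"),
    ("13.0.0", "13.1.1.1"),
    ("14.0.0", "14.0.0.2"),
]
WIDTH = 4  # BIG-IP versions have up to four dotted components


def parse_version(text, pad=0):
    """'13.1.0' -> (13, 1, 0, pad). Raises ValueError on anything else."""
    parts = text.strip().split(".")
    if len(parts) > WIDTH or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple([int(p) for p in parts] + [pad] * (WIDTH - len(parts)))


def in_affected_range(version):
    v = parse_version(version)
    for low, high in AFFECTED_RANGES:
        # Assumption: a short upper bound such as 11.5.8 also covers its
        # point releases (11.5.8.x), so pad it high rather than with zeros.
        if parse_version(low) <= v <= parse_version(high, pad=10**6):
            return True
    return False


def triage(inventory):
    """Sort (host, version) pairs into buckets for follow-up."""
    buckets = {"in_range": [], "not_in_range": [], "unparsed": []}
    for host, version in inventory:
        try:
            key = "in_range" if in_affected_range(version) else "not_in_range"
        except ValueError:
            key = "unparsed"  # needs a manual check, never silently skipped
        buckets[key].append(host)
    return buckets


# Constructed inventory (hypothetical hostnames and versions).
SAMPLE = [("lb-a", "13.1.0"), ("lb-b", "13.1.1.2"), ("lb-c", "11.5.8.1"),
          ("lb-d", "14.1.0"), ("lb-e", "12.1.3.6"), ("lb-f", "unknown")]

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A version in range is only the first filter: per the description above, the lockup also requires hardware with a High-Speed Bridge and a non-default Layer 2 forwarding configuration.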

Exploitation Mechanism

The vulnerability occurs in hardware systems with specific configurations, leading to a freeze of the High-Speed Bridge.

Mitigation and Prevention

Steps to address and prevent the CVE-2019-6604 vulnerability.

Immediate Steps to Take

        Apply vendor-provided patches or updates promptly.
        Monitor F5 advisories for any further instructions.

Long-Term Security Practices

        Regularly update and patch BIG-IP systems.
        Implement secure network configurations and monitoring practices.

Patching and Updates

        Ensure all affected BIG-IP systems are updated with the latest patches from F5.
