Vulnerability Details CVE-2019-6631
On BIG-IP 11.5.1-11.6.4, iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/109119
- https://support.f5.com/csp/article/K19501795
- https://support.f5.com/csp/article/K19501795?utm_source=f5support&%3Butm_medium=RSS
- http://www.securityfocus.com/bid/109119
- https://support.f5.com/csp/article/K19501795
- https://support.f5.com/csp/article/K19501795?utm_source=f5support&%3Butm_medium=RSS
Products affected by CVE-2019-6631
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.10
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4.1
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4.2
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4.2.74.291
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4.3
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4.4
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.5
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.6
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.7
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.8
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.9
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.2
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3.1
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3.2
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3.3
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3.4
-
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.4
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.10
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4.1
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4.2
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4.2.74.291
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4.3
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4.4
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.5
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.6
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.7
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.8
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.9
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.2
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.3
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.3.1
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.3.2
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.3.3
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.3.4
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.4
-
cpe:2.3:a:f5:big-ip_analytics:11.5.10
-
cpe:2.3:a:f5:big-ip_analytics:11.5.2
-
cpe:2.3:a:f5:big-ip_analytics:11.5.3
-
cpe:2.3:a:f5:big-ip_analytics:11.5.4
-
cpe:2.3:a:f5:big-ip_analytics:11.5.4.2
-
cpe:2.3:a:f5:big-ip_analytics:11.5.4.2.74.291
-
cpe:2.3:a:f5:big-ip_analytics:11.5.4.3
-
cpe:2.3:a:f5:big-ip_analytics:11.5.4.4
-
cpe:2.3:a:f5:big-ip_analytics:11.5.5
-
cpe:2.3:a:f5:big-ip_analytics:11.5.6
-
cpe:2.3:a:f5:big-ip_analytics:11.5.7
-
cpe:2.3:a:f5:big-ip_analytics:11.5.8
-
cpe:2.3:a:f5:big-ip_analytics:11.5.9
-
cpe:2.3:a:f5:big-ip_analytics:11.6.0
-
cpe:2.3:a:f5:big-ip_analytics:11.6.1
-
cpe:2.3:a:f5:big-ip_analytics:11.6.2
-
cpe:2.3:a:f5:big-ip_analytics:11.6.3
-
cpe:2.3:a:f5:big-ip_analytics:11.6.3.1
-
cpe:2.3:a:f5:big-ip_analytics:11.6.3.2
-
cpe:2.3:a:f5:big-ip_analytics:11.6.3.3
-
cpe:2.3:a:f5:big-ip_analytics:11.6.3.4
-
cpe:2.3:a:f5:big-ip_analytics:11.6.4
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.10
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4.1
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4.2
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4.2.74.291
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4.3
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4.4
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.5
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.6
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.7
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.8
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.9
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.2
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.3
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.3.1
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.3.2
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.3.3
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.3.4
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.4
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.10
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4.1
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4.2
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4.2.74.291
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4.3
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4.4
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.5
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.6
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.7
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.8
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.9
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.2
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.3
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.3.1
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.3.2
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.3.3
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.3.4
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.4
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.5.10
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.5.2
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.5.3
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.5.4
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.5.4.2.74.291
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.5.4.4
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.5.5
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.5.6
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.5.7
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.5.8
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.5.9
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.6.0
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.6.1
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.6.2
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.6.3
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.6.3.1
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.6.3.2
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.6.3.3
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.6.3.4
-
cpe:2.3:a:f5:big-ip_domain_name_system:11.6.4
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.5.10
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.5.2
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.5.3
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.5.4
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.5.4.2.74.291
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.5.4.4
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.5.5
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.5.6
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.5.7
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.5.8
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.5.9
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.6.0
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.6.1
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.6.2
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.6.3
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.6.3.1
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.6.3.2
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.6.3.3
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.6.3.4
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.6.4
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.10
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4.1
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4.2
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4.2.74.291
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4.3
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4.4
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.5
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.6
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.7
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.8
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.9
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.2
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.3
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.3.1
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.3.2
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.3.3
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.3.4
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.4
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.10
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.2
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.3
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.4
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.4.1
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.4.2
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.4.2.74.291
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.4.3
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.4.4
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.5
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.6
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.7
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.8
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.9
-
cpe:2.3:a:f5:big-ip_link_controller:11.6.0
-
cpe:2.3:a:f5:big-ip_link_controller:11.6.1
-
cpe:2.3:a:f5:big-ip_link_controller:11.6.2
-
cpe:2.3:a:f5:big-ip_link_controller:11.6.3
-
cpe:2.3:a:f5:big-ip_link_controller:11.6.3.1
-
cpe:2.3:a:f5:big-ip_link_controller:11.6.3.2
-
cpe:2.3:a:f5:big-ip_link_controller:11.6.3.3
-
cpe:2.3:a:f5:big-ip_link_controller:11.6.3.4
-
cpe:2.3:a:f5:big-ip_link_controller:11.6.4
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.10
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4.1
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4.2
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4.2.74.291
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4.3
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4.4
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.5
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.6
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.7
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.8
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.9
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3.1
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3.2
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3.3
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3.4
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.4
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.10
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4.1
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4.2
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4.2.74.291
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4.3
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4.4
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.5
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.6
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.7
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.8
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.9
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.2
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.3
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.3.1
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.3.2
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.3.3
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.3.4
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.4
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.5.10
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.5.2
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.5.3
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.5.4
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.5.4.2.74.291
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.5.4.4
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.5.5
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.5.6
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.5.7
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.5.8
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.5.9
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.6.0
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.6.1
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.6.2
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.6.3
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.6.3.1
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.6.3.2
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.6.3.3
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.6.3.4
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.6.4
-
cpe:2.3:a:f5:big-ip_websafe:11.5.2
-
cpe:2.3:a:f5:big-ip_websafe:11.5.3
-
cpe:2.3:a:f5:big-ip_websafe:11.5.4
-
cpe:2.3:a:f5:big-ip_websafe:11.5.4.4
-
cpe:2.3:a:f5:big-ip_websafe:11.5.5
-
cpe:2.3:a:f5:big-ip_websafe:11.5.6
-
cpe:2.3:a:f5:big-ip_websafe:11.5.7
-
cpe:2.3:a:f5:big-ip_websafe:11.5.8
-
cpe:2.3:a:f5:big-ip_websafe:11.5.9
-
cpe:2.3:a:f5:big-ip_websafe:11.6.0
-
cpe:2.3:a:f5:big-ip_websafe:11.6.1
-
cpe:2.3:a:f5:big-ip_websafe:11.6.2
-
cpe:2.3:a:f5:big-ip_websafe:11.6.3
-
cpe:2.3:a:f5:big-ip_websafe:11.6.4