CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-6636

On BIG-IP (AFM, ASM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a stored cross-site scripting vulnerability in AFM feed list. In the worst case, an attacker can store a CSRF which results in code execution as the admin user. The level of user role which can perform this attack are resource administrator and administrator.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.9%

CVSS Severity

CVSS v3 Score 8.4

CVSS v2 Score 8.5

References

Products affected by CVE-2019-6636

F5 » Big-Ip Advanced Firewall Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.3

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.3.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3.1
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.3.2

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3.2
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.3.3

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3.3
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.3.4

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3.4
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.3.5

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3.5
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.3.6

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3.6
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.3.7

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3.7
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.4

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.4
F5 » Big-Ip Advanced Firewall Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0
F5 » Big-Ip Advanced Firewall Manager » Version: 13.0.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.1
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.0
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.1
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.2
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.3
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.4

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.4
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.5

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.5
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.6

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.6
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.7

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.7
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.8

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.8
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.1
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.1.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.1.1
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.1.2

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.1.2
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.1.3

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.1.3
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.1.4

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.1.4
F5 » Big-Ip Advanced Firewall Manager » Version: 14.0.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0
F5 » Big-Ip Advanced Firewall Manager » Version: 14.0.0.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0.1
F5 » Big-Ip Advanced Firewall Manager » Version: 14.0.0.2

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0.2
F5 » Big-Ip Advanced Firewall Manager » Version: 14.0.0.3

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0.3
F5 » Big-Ip Advanced Firewall Manager » Version: 14.0.0.4

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0.4
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.1
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0.2

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.2
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0.2.0.45.4

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.2.0.45.4
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0.2.0.62.4

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.2.0.62.4
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0.3

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.3
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0.3.0.79.6

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.3.0.79.6
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0.3.0.97.6

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.3.0.97.6
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0.3.0.99.6

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.3.0.99.6
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0.5

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.5
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0.5.0.15.5

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.5.0.15.5
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0.5.0.36.5

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.5.0.36.5
F5 » Big-Ip Advanced Firewall Manager » Version: 14.1.0.5.0.40.5

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.5.0.40.5
F5 » Big-Ip Application Security Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0
F5 » Big-Ip Application Security Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0
F5 » Big-Ip Application Security Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1
F5 » Big-Ip Application Security Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2
F5 » Big-Ip Application Security Manager » Version: 12.1.3

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3
F5 » Big-Ip Application Security Manager » Version: 12.1.3.1

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3.1
F5 » Big-Ip Application Security Manager » Version: 12.1.3.2

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3.2
F5 » Big-Ip Application Security Manager » Version: 12.1.3.3

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3.3
F5 » Big-Ip Application Security Manager » Version: 12.1.3.4

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3.4
F5 » Big-Ip Application Security Manager » Version: 12.1.3.5

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3.5
F5 » Big-Ip Application Security Manager » Version: 12.1.3.6

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3.6
F5 » Big-Ip Application Security Manager » Version: 12.1.3.7

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3.7
F5 » Big-Ip Application Security Manager » Version: 12.1.4

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.4
F5 » Big-Ip Application Security Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0
F5 » Big-Ip Application Security Manager » Version: 13.0.1

cpe:2.3:a:f5:big-ip_application_security_manager:13.0.1
F5 » Big-Ip Application Security Manager » Version: 13.1.0

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0
F5 » Big-Ip Application Security Manager » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.0
F5 » Big-Ip Application Security Manager » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.1
F5 » Big-Ip Application Security Manager » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.2
F5 » Big-Ip Application Security Manager » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.3
F5 » Big-Ip Application Security Manager » Version: 13.1.0.4

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.4
F5 » Big-Ip Application Security Manager » Version: 13.1.0.5

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.5
F5 » Big-Ip Application Security Manager » Version: 13.1.0.6

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.6
F5 » Big-Ip Application Security Manager » Version: 13.1.0.7

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.7
F5 » Big-Ip Application Security Manager » Version: 13.1.0.8

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.8
F5 » Big-Ip Application Security Manager » Version: 13.1.1

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.1
F5 » Big-Ip Application Security Manager » Version: 13.1.1.1

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.1.1
F5 » Big-Ip Application Security Manager » Version: 13.1.1.2

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.1.2
F5 » Big-Ip Application Security Manager » Version: 13.1.1.3

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.1.3
F5 » Big-Ip Application Security Manager » Version: 13.1.1.4

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.1.4
F5 » Big-Ip Application Security Manager » Version: 14.0.0

cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0
F5 » Big-Ip Application Security Manager » Version: 14.0.0.1

cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0.1
F5 » Big-Ip Application Security Manager » Version: 14.0.0.2

cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0.2
F5 » Big-Ip Application Security Manager » Version: 14.0.0.3

cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0.3
F5 » Big-Ip Application Security Manager » Version: 14.0.0.4

cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0.4
F5 » Big-Ip Application Security Manager » Version: 14.1.0

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0
F5 » Big-Ip Application Security Manager » Version: 14.1.0.1

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.1
F5 » Big-Ip Application Security Manager » Version: 14.1.0.2

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.2
F5 » Big-Ip Application Security Manager » Version: 14.1.0.2.0.45.4

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.2.0.45.4
F5 » Big-Ip Application Security Manager » Version: 14.1.0.2.0.62.4

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.2.0.62.4
F5 » Big-Ip Application Security Manager » Version: 14.1.0.3

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.3
F5 » Big-Ip Application Security Manager » Version: 14.1.0.3.0.79.6

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.3.0.79.6
F5 » Big-Ip Application Security Manager » Version: 14.1.0.3.0.97.6

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.3.0.97.6
F5 » Big-Ip Application Security Manager » Version: 14.1.0.3.0.99.6

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.3.0.99.6
F5 » Big-Ip Application Security Manager » Version: 14.1.0.5

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.5
F5 » Big-Ip Application Security Manager » Version: 14.1.0.5.0.15.5

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.5.0.15.5
F5 » Big-Ip Application Security Manager » Version: 14.1.0.5.0.36.5

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.5.0.36.5
F5 » Big-Ip Application Security Manager » Version: 14.1.0.5.0.40.5

cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.5.0.40.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-6636

Products

Pricing

Contact Us