CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-6687

On versions 15.0.0-15.0.1.1, the BIG-IP ASM Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.0%

CVSS Severity

CVSS v3 Score 7.4

CVSS v2 Score 5.8

References

Products affected by CVE-2019-6687

F5 » Big-Ip Application Security Manager » Version: 15.0.0

cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0
F5 » Big-Ip Application Security Manager » Version: 15.0.1

cpe:2.3:a:f5:big-ip_application_security_manager:15.0.1
F5 » Big-Ip Application Security Manager » Version: 15.0.1.0.33.11

cpe:2.3:a:f5:big-ip_application_security_manager:15.0.1.0.33.11
F5 » Big-Ip Application Security Manager » Version: 15.0.1.0.48.11

cpe:2.3:a:f5:big-ip_application_security_manager:15.0.1.0.48.11
F5 » Big-Ip Application Security Manager » Version: 15.0.1.1

cpe:2.3:a:f5:big-ip_application_security_manager:15.0.1.1
F5 » Big-Ip Application Security Manager » Version: 15.0.1.2

cpe:2.3:a:f5:big-ip_application_security_manager:15.0.1.2
F5 » Big-Ip Application Security Manager » Version: 15.0.1.3

cpe:2.3:a:f5:big-ip_application_security_manager:15.0.1.3
F5 » Big-Ip Application Security Manager » Version: 15.0.1.4

cpe:2.3:a:f5:big-ip_application_security_manager:15.0.1.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-6687

Products

Pricing

Contact Us