CVE-2019-6684
HIGHBIG-IP <15.0.1.1,14.1.2.2,13.1.3.1,12.1.5,11.6.5.1 - DoS
Title source: llmDescription
On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing (vCMP) may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of fragmentation-based attack.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K95117754
Scores
CVSS v3
7.5
EPSS
0.0089
EPSS Percentile
75.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (11)
f5/big-ip_access_policy_manager
11.5.2 - 11.6.5
f5/big-ip_advanced_firewall_manager
11.5.2 - 11.6.5
f5/big-ip_analytics
11.5.2 - 11.6.5
f5/big-ip_application_acceleration_manager
11.5.2 - 11.6.5
f5/big-ip_application_security_manager
11.5.2 - 11.6.5
f5/big-ip_domain_name_system
11.5.2 - 11.6.5
f5/big-ip_fraud_protection_service
11.5.2 - 11.6.5
f5/big-ip_global_traffic_manager
11.5.2 - 11.6.5
f5/big-ip_link_controller
11.5.2 - 11.6.5
f5/big-ip_local_traffic_manager
11.5.2 - 11.6.5
... and 1 more
Published
Dec 23, 2019
Tracked Since
Feb 18, 2026