2019-01-22 16:04:06 -05:00
|
|
|
{
|
2019-09-25 18:01:00 +00:00
|
|
|
"data_type": "CVE",
|
|
|
|
|
"data_format": "MITRE",
|
|
|
|
|
"data_version": "4.0",
|
2019-03-18 07:09:00 +00:00
|
|
|
"CVE_data_meta": {
|
|
|
|
|
"ID": "CVE-2019-6652",
|
2019-09-25 18:01:00 +00:00
|
|
|
"ASSIGNER": "f5sirt@f5.com",
|
|
|
|
|
"STATE": "PUBLIC"
|
|
|
|
|
},
|
|
|
|
|
"affects": {
|
|
|
|
|
"vendor": {
|
|
|
|
|
"vendor_data": [
|
|
|
|
|
{
|
|
|
|
|
"vendor_name": "n/a",
|
|
|
|
|
"product": {
|
|
|
|
|
"product_data": [
|
|
|
|
|
{
|
|
|
|
|
"product_name": "BIG-IQ",
|
|
|
|
|
"version": {
|
|
|
|
|
"version_data": [
|
|
|
|
|
{
|
|
|
|
|
"version_value": "6.0.0-6.1.0"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"problemtype": {
|
|
|
|
|
"problemtype_data": [
|
|
|
|
|
{
|
|
|
|
|
"description": [
|
|
|
|
|
{
|
|
|
|
|
"lang": "eng",
|
|
|
|
|
"value": "Information leakage"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
"references": {
|
|
|
|
|
"reference_data": [
|
|
|
|
|
{
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "https://support.f5.com/csp/article/K23101430",
|
|
|
|
|
"url": "https://support.f5.com/csp/article/K23101430"
|
2019-10-09 20:01:27 +00:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"refsource": "CONFIRM",
|
|
|
|
|
"name": "https://support.f5.com/csp/article/K23101430?utm_source=f5support&utm_medium=RSS",
|
|
|
|
|
"url": "https://support.f5.com/csp/article/K23101430?utm_source=f5support&utm_medium=RSS"
|
2019-09-25 18:01:00 +00:00
|
|
|
}
|
|
|
|
|
]
|
2019-03-18 07:09:00 +00:00
|
|
|
},
|
|
|
|
|
"description": {
|
|
|
|
|
"description_data": [
|
|
|
|
|
{
|
|
|
|
|
"lang": "eng",
|
2019-09-25 18:01:00 +00:00
|
|
|
"value": "In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any form of Transport Layer Security (TLS)."
|
2019-03-18 07:09:00 +00:00
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
}
|
