Rapid7 Vulnerability & Exploit Database

F5 Networks: K45644893 (CVE-2019-6654): Martian address filtering vulnerability CVE-2019-6654

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

F5 Networks: K45644893 (CVE-2019-6654): Martian address filtering vulnerability CVE-2019-6654

Severity

CVSS

(AV:A/AC:L/Au:N/C:N/I:P/A:N)

Published

09/24/2019

Created

09/27/2019

Added

09/25/2019

Modified

03/03/2020

Description

On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (As defined in RFC 1812 section 5.3.7) on the control plane (management interface). This may allow attackers on an adjacent system to force BIG-IP into processing packets with spoofed source addresses.

Solution(s)

f5-big-ip-upgrade-latest

References

https://support.f5.com/csp/article/K45644893
CVE-2019-6654

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

F5 Networks: K45644893 (CVE-2019-6654): Martian address filtering vulnerability CVE-2019-6654

F5 Networks: K45644893 (CVE-2019-6654): Martian address filtering vulnerability CVE-2019-6654

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.