ConfigSync vulnerability in F5

Overview :

F5 BIG-IP and Enterprise Manager may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings.

Affected Product(s) :

F5 BIG-IP 15.0.0
F5 BIG-IP 14.1.0-14.1.0.6
F5 BIG-IP 14.0.0-14.0.0.5
F5 BIG-IP 13.0.0-13.1.1.5
F5 BIG-IP 12.1.0-12.1.4.1
F5 BIG-IP 11.6.0-11.6.4
F5 BIG-IP 11.5.1-11.5.9
Enterprise Manager 3.1.1

Vulnerability Details :

CVE ID :	CVE-2019-6649
	F5 BIG-IP and Enterprise Manager may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings. (CVE-2019-6649)

Solution : F5 recommends upgrading to a fixed software version to fully mitigate this vulnerability.

Contact us to get started

CVE-2024-45663 : IBM DB2/DB2 CONNECT SERVER 11.1/11.5 QUERY DENIAL OF SERVICE

Description IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial

Learn more

CVE-2024-52739 : D-LINK DI-8400 16.07.26A1 MSP_INFO_HTM CMD PRIVILEGE ESCALATION

Description D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the

Learn more

CVE-2024-52769 : DEDEBIZ 6.3.0 FILE /ADMIN/FRIENDLINK_EDIT UNRESTRICTED UPLOAD

Description An arbitrary file upload vulnerability in the component /admin/friendlink_edit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via

Learn more