{"id": "CVE-2019-11479", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "security@ubuntu.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-06-19T00:15:12.767", "references": [{"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "http://www.securityfocus.com/bid/108818", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@ubuntu.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1594", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1602", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1699", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://access.redhat.com/security/vulnerabilities/tcpsack", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "source": "security@ubuntu.com"}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "source": "security@ubuntu.com"}, {"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md", "tags": ["Patch", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10287", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://security.netapp.com/advisory/ntap-20190625-0001/", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://support.f5.com/csp/article/K35421172", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://support.f5.com/csp/article/K35421172?utm_source=f5support&%3Butm_medium=RSS", "source": "security@ubuntu.com"}, {"url": "https://usn.ubuntu.com/4041-1/", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://usn.ubuntu.com/4041-2/", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic", "tags": ["Mitigation", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://www.kb.cert.org/vuls/id/905115", "tags": ["Third Party Advisory", "US Government Resource"], "source": "security@ubuntu.com"}, {"url": "https://www.oracle.com/security-alerts/cpujan2020.html", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "source": "security@ubuntu.com"}, {"url": "https://www.synology.com/security/advisory/Synology_SA_19_28", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03", "tags": ["Third Party Advisory", "US Government Resource"], "source": "security@ubuntu.com"}, {"url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-06", "tags": ["Third Party Advisory", "US Government Resource"], "source": "security@ubuntu.com"}, {"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/108818", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1594", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1602", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1699", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/security/vulnerabilities/tcpsack", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10287", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.netapp.com/advisory/ntap-20190625-0001/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.f5.com/csp/article/K35421172", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.f5.com/csp/article/K35421172?utm_source=f5support&%3Butm_medium=RSS", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://usn.ubuntu.com/4041-1/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://usn.ubuntu.com/4041-2/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic", "tags": ["Mitigation", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.kb.cert.org/vuls/id/905115", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/security-alerts/cpujan2020.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.synology.com/security/advisory/Synology_SA_19_28", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-06", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security@ubuntu.com", "description": [{"lang": "en", "value": "CWE-405"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363."}, {"lang": "es", "value": "Jonathan Looney descubri\u00f3 que el tama\u00f1o m\u00e1ximo de segmento (MSS) por defecto del kernel de Linux est\u00e1 codificado a 48 bytes. Esto permite a un peer remoto fragmentar las colas de reenv\u00edo de TCP significativamente m\u00e1s que si se aplicara un MSS m\u00e1s grande. Un atacante remoto podr\u00eda usar esto para causar una denegaci\u00f3n de servicio. Esto se ha corregido en versiones de kernel estables 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, y se corrige en los commits 967c05aee439e6e5d7d805e195b3a20f5c433d6 y 5f3e2bf008c2221478101ee72f5c4ccccc"}], "lastModified": "2024-11-21T04:21:09.880", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "615F0E94-7028-46AC-8596-B2E2954ABD6E", "versionEndExcluding": "4.4.182", "versionStartIncluding": "4.4"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F75BEF6-57E1-47B5-BDF0-0008301F86FD", "versionEndExcluding": "4.9.182", "versionStartIncluding": "4.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C4BEC3E-CBB3-4E58-852E-5CB83C138CE4", "versionEndExcluding": "4.14.127", "versionStartIncluding": "4.14"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BEA51EC-8392-483C-B680-1B4E5C2BC2DB", "versionEndExcluding": "4.19.52", "versionStartIncluding": "4.19"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAC35790-3805-476A-9F12-45973E609A23", "versionEndExcluding": "5.1.11", "versionStartIncluding": "5.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEBEAED8-341C-4C26-B55D-F6176D7BB2C7", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1845A169-7B6C-4B7D-B8FC-0245DC1B4EEF", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1212E1D-1A8F-4C6C-9472-22CE48F21B61", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E17D443D-9E5D-4F41-A539-6D7842B21E25", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55FD34B0-E77C-4C4B-B278-624EF047415D", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FFA9687-4655-4C45-ACE2-A957457BBD8B", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "270B50ED-8C7C-4FFC-90D2-1F3AE322D2AE", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA130AF7-C25F-4C0B-ACAF-E7436C722431", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AE785C8-06CA-4B15-A72D-A7EB0F0895D7", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58C8E163-2A45-4C64-A7C2-5686C1EB3C78", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26AFAAA7-73A9-4F50-9028-467ED5781DB4", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C24A8114-31AE-47C2-9FEE-52B69585D56A", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9F325BF-D919-4258-A418-7057B1AF7361", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F3CFB0D-DDA1-4CFF-BAB4-96EF72F4F777", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4D99030-AEA2-4DDF-AD7D-0ED66913D6FA", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1503B2F8-3549-4E52-87E9-6F0FD91F1428", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39A6D62D-BD9C-4BEA-B728-4B4E5857E201", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3922DE9-3D92-484E-9BA2-1C278A6EDECE", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1655EA50-55B6-418A-B2FC-D40A0BFD3C02", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFA7EEBD-F6F6-4243-B57D-BE210D8E16CF", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2596EE8-47D2-41E1-BD32-955D80FD697B", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44D33B41-F19D-4B46-9F9E-FC03051EBB0C", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EA95D57-BBD5-4449-8F62-0B5C53F8E962", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6300DC5-7D1F-4098-AD61-2826252A1C63", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF9F166F-178C-4659-B323-9C6F754EB3D6", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9866C62F-DA11-43B1-B475-A07B1B58933D", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "272A20C4-70D7-43AB-8B62-132466AB1E35", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE65180C-47C8-41CF-B6C7-181259605B2C", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC8932E7-68AF-4850-9952-1275856EE198", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8E67E0B-E542-4863-99D8-B3836ECDC04D", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CC75783-D714-4095-8F2B-62AB6F9176B1", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC99D7B3-65E5-4C9E-9D34-FF9161295F86", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F439E03A-FCE0-4865-986B-E21D52ED4470", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54E703A5-F9F1-4DDA-8B70-D3C6F51038B6", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D5F5BE5-319B-4358-8301-A59145F5E913", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0F6FDF3-A70E-4F37-975F-85735776B4B8", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89B75BB7-5C62-45C2-8C44-1B52FB6DBAC0", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C21D1B2-2424-4A56-A179-431EDC41B929", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19699BA9-2324-40C5-81B9-0EA6A45109AA", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8BA9BE0-1646-41EF-BCE2-7BD4021196C5", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFE32931-B9F0-4907-9370-E31F6862463E", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A58BD3F-F6D7-4EB3-B108-FEAA39262B75", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1405C4B2-C3BB-4FD9-A0BA-5577B9E6D98E", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "591EA641-C103-4575-97D5-15D41B20E581", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3F3F4FD-8BB9-468D-B50F-B25B17AF0F3A", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63529AEA-8B74-4CA1-BADF-14514D243DC5", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C86750D-6944-4086-B06E-AEB186B6FD16", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5485F6ED-F324-4124-9116-79E70909C5F7", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7695656A-4E55-46A1-9243-C153C644C6F6", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95EDA820-6FDE-44B9-89CE-B83847416CF4", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FEAA997-2F7E-4E93-AEAA-33215A6C09A9", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0E47FF6-A851-4588-9F39-B292D4147AE6", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4971E086-5B5B-45A9-9940-1241027D72C5", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEEB875C-E0EC-467B-9296-861F042AED67", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE38A138-9145-4803-BB72-A86DD0C6036A", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFF4B95E-40C6-4C8F-81BD-172A907CA5FD", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67AA4DB9-A5B6-4AF2-B6FC-3C21913264BD", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D960933D-9476-4473-A3FB-0032C051BE50", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8C2837A-1DB2-4FD1-831A-9C2F3D5FF171", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFFE4B6E-DB23-45FB-9075-FC6B52FC18FC", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "935B69E4-BE3C-48C8-952B-8234BFFF9264", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09F6EC13-4398-48CB-B999-14FABE281247", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E606B713-528D-4C6D-98C4-E9A93DB7A8E8", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FA8C03D-3661-446D-B502-BEB52B7B6305", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F36620C8-27C9-43A3-9C97-788145D509D9", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28054725-6775-4AEE-B686-FB690894D1C6", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF928EA3-2883-4679-BF98-5B064DD19F3A", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7DEDB9D-58DB-45EB-91EA-8A6694E4F29A", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34F29398-32A5-48F6-B144-B184BFFB1034", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "678B7FC3-6796-4159-BF2B-8FAD49E0F566", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59ABE79F-7C3E-4244-BD2B-F9CC3A3A71E4", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC4E7530-C750-4AE5-A98D-12F3E3819869", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D1D81B3-B059-41A7-9DD1-101A2E199005", "versionEndExcluding": "11.6.5.1", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E69B6320-088E-445D-8863-34CF67F172F3", "versionEndExcluding": "12.1.5.1", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21987539-682A-4F8F-9FE7-526A054705FF", "versionEndExcluding": "13.1.3.2", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7B34FC0-168E-4CA8-B1F4-BDC0D2213280", "versionEndExcluding": "14.0.1.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3C12B9E-4995-47A2-8E3B-089C096469E8", "versionEndExcluding": "14.1.2.1", "versionStartIncluding": "14.1.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCB0A0A1-244E-432F-8144-9770CC4AB696", "versionEndExcluding": "15.0.1.1", "versionStartIncluding": "15.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "928A7D30-8099-47B8-A1D2-A4997F54C1C2", "versionEndIncluding": "5.4.0", "versionStartIncluding": "5.1.0"}, {"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F37D18F2-8C6A-4557-85DC-2A751595423C", "versionEndIncluding": "6.1.0", "versionStartIncluding": "6.0.0"}, {"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040"}, {"criteria": "cpe:2.3:a:f5:iworkflow:2.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3CE7526-9630-48EF-81FB-44904AF0653F"}, {"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700", "versionEndIncluding": "5.1.0", "versionStartIncluding": "5.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security@ubuntu.com"}