CVE-2019-6602

Description

In BIG-IP 11.5.1-11.5.8 and 11.6.1-11.6.3, the Configuration Utility login page may not follow best security practices when handling a malicious request.

Affected products

• BIG-IP / BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)11.5.1-11.5.8 – 11.5.1-11.5.8
• BIG-IP / BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)11.6.1-11.6.3.4 – 11.6.1-11.6.3.4

References

• MISChttps://support.f5.com/csp/article/K11818407
• MISChttp://www.securityfocus.com/bid/107626