F5 Networks BIG-IP : BIG-IP restjavad vulnerability (K01049383)

medium Nessus Plugin ID 132549

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

Sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data. (CVE-2019-6662)

Impact

When logging invalid requests, such as HTTP code 400 errors, the restjavad process includes the request body in the log message. During authentication operations, the request body includes credentials and potentially other sensitive data, which is propagated to the log. No information is directly exposed, and attacks will not be able to take control when 400 errors occur, but when the system is in a state in which processing errors occur, sensitive data may be logged. Users with access to logs will be able to view that data.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K01049383.

See Also

https://my.f5.com/manage/s/article/K01049383

Plugin Details

Severity: Medium

ID: 132549

File Name: f5_bigip_SOL01049383.nasl

Version: 1.4

Type: local

Published: 12/31/2019

Updated: 11/2/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS Score Source: CVE-2019-6662

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_domain_name_system, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip

Required KB Items: Host/local_checks_enabled, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version

Exploit Ease: No known exploits are available

Patch Publication Date: 11/14/2019

Vulnerability Publication Date: 11/15/2019

Reference Information

CVE: CVE-2019-6662