Sensitive Information Leakage in BIG-IP 13.1.0-13.1.1.4 through Invalid Request Handling

Sensitive Information Leakage in BIG-IP 13.1.0-13.1.1.4 through Invalid Request Handling

CVE-2019-6662 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data.

Learn more about our User Device Pen Test.