2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2020-5902" ,
"sourceIdentifier" : "f5sirt@f5.com" ,
"published" : "2020-07-01T15:15:15.360" ,
2024-11-23 13:10:58 +00:00
"lastModified" : "2024-11-21T05:34:47.723" ,
"vulnStatus" : "Modified" ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages."
} ,
{
"lang" : "es" ,
"value" : "En BIG-IP versiones 15.0.0 hasta 15.1.0.3, 14.1.0 hasta 14.1.2.5, 13.1.0 hasta 13.1.3.3, 12.1.0 hasta 12.1.5.1 y 11.6.1 hasta 11.6.5.1, el Traffic Management User Interface (TMUI), tambi\u00e9n se conoce como la utilidad de Configuraci\u00f3n, presenta una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota (RCE) en p\u00e1ginas no reveladas"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" ,
2024-11-23 13:10:58 +00:00
"baseScore" : 9.8 ,
"baseSeverity" : "CRITICAL" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
2024-11-23 13:10:58 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 5.9
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:C/I:C/A:C" ,
2024-11-23 13:10:58 +00:00
"baseScore" : 10.0 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "COMPLETE" ,
"integrityImpact" : "COMPLETE" ,
2024-11-23 13:10:58 +00:00
"availabilityImpact" : "COMPLETE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "HIGH" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 10.0 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
2024-11-23 13:10:58 +00:00
"cisaExploitAdd" : "2021-11-03" ,
"cisaActionDue" : "2022-05-03" ,
"cisaRequiredAction" : "Apply updates per vendor instructions." ,
"cisaVulnerabilityName" : "F5 BIG-IP Traffic Management User Interface (TMUI) Remote Code Execution Vulnerability" ,
2023-04-24 12:24:31 +02:00
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-22"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "BB236652-BD60-4FEF-9D59-8B49FB3A7655"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "EE0532FA-7B7B-46B3-AB10-0920034A7E43"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "592327AA-BCC4-4CD0-82C6-EA739F049E82"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "3A49F18E-2004-4BDB-BA3F-93C52B23CCA9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndIncluding" : "15.0.1.4" ,
"matchCriteriaId" : "65C2E51D-76FF-4604-B9A6-1EB48AAF1CA6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "11F32785-49DA-4C57-AD28-BC630E55222A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "ADB2B518-F813-4B11-BBF5-0BFB2979A6B8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "3B3DCE49-C37D-4951-AB57-7CDDEBA1C1E5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "3DD78D19-D17E-45EC-98C7-74D086AE68AA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "0CDD8550-E2BC-44B4-857C-706D2DC769F0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "5B59E16D-7645-492A-9C1D-A8724FFCA28F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "EFB71683-C715-41DB-A42E-4269D26D5DD3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "E64263B7-7BE1-472E-9130-7BC8F2932683"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "694C630B-5342-4C6C-A0FA-050B9C76936D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "EC400989-FE65-4DEC-B9DD-7BEF6EB72DC0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "708FD0A9-5167-45B5-80A1-85F105365C98"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "7FBF20C1-5B3C-4DC0-B6F7-4DB0205BF2B0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "B8434935-CE50-4CE7-BA17-6966E71BC9FD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "31E16A1B-E305-4390-976C-5F33A82EF396"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "0C3E75CB-C764-4868-8459-1FAC03506EE8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "F1C551C9-169C-450E-965A-4F9F3E2C785B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "32E6595B-27F1-4298-9B72-5618A5A0605A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "92F370C2-3C5A-416D-83C1-A4F84866E958"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "B8E7820D-A574-41C8-A602-05A825F26726"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "0FB118FB-2EFB-4F17-B6E1-FC4B46B9C265"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "5D3F7911-FB00-4612-9109-9E7A407BC7B7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "B547F46F-5563-4E7F-8B69-3D25C6C58521"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "6317DD02-5FC5-4476-8F63-8A7915440F94"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "997D12F1-098D-4C42-A6A2-B4F59AC78F0F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "A7B37CD3-4B52-4761-9BEC-5D4CC57783B8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "8999F566-9884-4CAA-BED7-8CF72F11E6F8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "91BF72A9-EB50-4315-B956-5926967DCC46"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "4AEE0B76-3F8E-420A-9589-BF3FDB942DEB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "BA19452D-9C3D-41FB-8606-51F90126B2A0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "E6C4B56F-D022-4268-9D78-6E4D12AE9215"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "A4C4B36F-ABA3-4C9C-BE94-389A91185CE5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "EC8B0F64-D0FC-4CC9-94CA-38A55043C529"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "39AECFF0-3A86-45A4-AB7F-DCC3717E8E97"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "3F8B4719-B7C7-4383-B74B-119DD5F51773"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "FE999923-5893-44D4-9212-E94990A3F1A7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "62F2CBB9-C4FE-4065-8F13-E677E572F4B9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "1E34F61C-1C60-4BA7-A282-C5B295A7241C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "F997F6D8-D08D-4EB0-BEA7-288AEFD6F28C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "73EC8EDA-669A-4750-934F-3B3FBF557080"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "C7917031-0735-483C-A8DA-11430056D568"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "357FD2B0-3437-4D26-9D84-FE1449E37A74"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "EAFC0D83-7F64-44F2-A014-37DE3CAF846A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "0DB7EE01-966A-40EB-8F49-AFE22B1FAF31"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "925DA0B2-7570-4819-845C-C35E5B168F80"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "A0581EEF-98E6-4961-8178-BA2D7647F931"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "FFC5C221-AE58-4580-876A-E5FD7970A695"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "5746AE6E-9D1B-4275-A756-4FFBEE9FC6D3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "920BC3DD-A1D4-403B-83D2-00636C20FFC0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "3CD1518D-E884-4B38-96CB-2C02493352B3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "A4A036A0-5E0C-4E64-B88D-D1B61257896E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "32773569-67FE-4F08-A613-E507FCDEACEF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "463AA399-492A-4DB6-BFD1-31725012AE8F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "A52B5EA8-31E5-4CDB-81FB-3AE8251F29CF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "49C8BE4A-DED6-451A-B6EE-AC95DD26F85A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "AB170091-1F18-46D7-8164-ACC9B05954E3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "97AB336E-2A10-4508-9F20-DB54D628355F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "4494F771-4026-478C-8004-B162653DC80C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "98314370-E3C8-4CB5-9F48-57004EB96D8F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "2B1AC241-FE68-4275-8992-7575AA8AD118"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "DEC0E30F-6550-4BC9-8DA7-6BD495DBF415"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "D30769C3-F8CB-491A-8E51-0147AA07DDA4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "54D289F0-1896-4996-AEDF-B299C6DB8945"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "A97489DC-A5DE-48AD-BBA2-F9078070F53A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "FBF128B7-874B-4E3A-B52F-1C2DE34F64A9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "29F4E502-D8D5-4719-986F-90BC08B3DC16"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "D5D90F4A-FA2A-412F-8591-D1CA6399ECAD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "ABAFAE9B-AA80-4D3B-AA3A-4ED5C3BE6113"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "78F7A30F-4455-420D-9254-E9910E16EC3F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "1EDB944B-DF60-45AF-AD60-33E9667E0D12"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "20C58940-C7A3-47A9-8C9E-7B652E4F4750"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "67516A0B-7359-42DE-B318-6979DEEFC229"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "BAD2867D-D646-4B01-A383-6A47B51D059E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "7E314109-D770-4055-9248-2BE25B0EF084"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.6.1" ,
"versionEndExcluding" : "11.6.5.2" ,
"matchCriteriaId" : "53F1F7BD-512D-46D4-A888-A2670DEB1C4F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.1.0" ,
"versionEndExcluding" : "12.1.5.2" ,
"matchCriteriaId" : "AE483701-8CB3-4745-BD47-B022EBEA2CA9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndExcluding" : "13.1.3.4" ,
"matchCriteriaId" : "57A7A47C-DBC5-4D1B-9C54-4A04C16BD904"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndExcluding" : "14.1.2.6" ,
"matchCriteriaId" : "6B4BC535-7F99-45F4-9094-29B52DEB8168"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.0.0" ,
"versionEndExcluding" : "15.0.1.4" ,
"matchCriteriaId" : "4F54A8AE-61F3-4F43-82BF-55842B56064A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.0.4" ,
"matchCriteriaId" : "0F20F608-2930-41F2-A720-B8638395FF44"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html" ,
"source" : "f5sirt@f5.com" ,
"tags" : [
2024-07-25 18:03:14 +00:00
"Exploit" ,
2023-04-24 12:24:31 +02:00
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html" ,
"source" : "f5sirt@f5.com" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html" ,
"source" : "f5sirt@f5.com" ,
"tags" : [
2024-07-25 18:03:14 +00:00
"Exploit" ,
2023-04-24 12:24:31 +02:00
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html" ,
"source" : "f5sirt@f5.com" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html" ,
"source" : "f5sirt@f5.com" ,
"tags" : [
2024-07-25 18:03:14 +00:00
"Exploit" ,
2023-04-24 12:24:31 +02:00
"Third Party Advisory" ,
"VDB Entry"
]
} ,
2023-11-14 05:00:21 +00:00
{
"url" : "http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html" ,
2024-07-25 18:03:14 +00:00
"source" : "f5sirt@f5.com" ,
"tags" : [
"Exploit" ,
"Third Party Advisory" ,
"VDB Entry"
]
2023-11-14 05:00:21 +00:00
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/" ,
"source" : "f5sirt@f5.com" ,
"tags" : [
"Exploit" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902" ,
"source" : "f5sirt@f5.com" ,
"tags" : [
2024-07-25 18:03:14 +00:00
"Broken Link" ,
2023-04-24 12:24:31 +02:00
"Exploit" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://support.f5.com/csp/article/K52145254" ,
"source" : "f5sirt@f5.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://swarm.ptsecurity.com/rce-in-f5-big-ip/" ,
"source" : "f5sirt@f5.com" ,
"tags" : [
2024-07-25 18:03:14 +00:00
"Exploit" ,
2023-04-24 12:24:31 +02:00
"Third Party Advisory"
]
} ,
{
"url" : "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/" ,
"source" : "f5sirt@f5.com" ,
"tags" : [
"Exploit" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://www.kb.cert.org/vuls/id/290915" ,
"source" : "f5sirt@f5.com" ,
"tags" : [
"Third Party Advisory" ,
"US Government Resource"
]
2024-11-23 13:10:58 +00:00
} ,
{
"url" : "http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Broken Link" ,
"Exploit" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://support.f5.com/csp/article/K52145254" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://swarm.ptsecurity.com/rce-in-f5-big-ip/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://www.kb.cert.org/vuls/id/290915" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory" ,
"US Government Resource"
]
2023-04-24 12:24:31 +02:00
}
]
}
