2025-02-05 21:05:19 +00:00
{
"id" : "CVE-2025-20045" ,
"sourceIdentifier" : "f5sirt@f5.com" ,
"published" : "2025-02-05T18:15:29.760" ,
"lastModified" : "2025-02-05T18:15:29.760" ,
2025-02-16 03:03:51 +00:00
"vulnStatus" : "Awaiting Analysis" ,
2025-02-05 21:05:19 +00:00
"cveTags" : [ ] ,
"descriptions" : [
{
"lang" : "en" ,
"value" : "When SIP session Application Level Gateway mode (ALG) profile with Passthru Mode enabled and SIP router ALG profile are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
2025-02-09 03:03:48 +00:00
} ,
{
"lang" : "es" ,
"value" : "Cuando el perfil de modo de puerta de enlace de nivel de aplicaci\u00f3n (ALG) de sesi\u00f3n SIP con modo Passthru habilitado y el perfil ALG SIP router se configuran en un servidor virtual de tipo de enrutamiento de mensajes, el tr\u00e1fico no revelado puede provocar la finalizaci\u00f3n del microkernel de administraci\u00f3n de tr\u00e1fico (TMM). Nota: Las versiones de software que han llegado al final del soporte t\u00e9cnico (EoTS) no se eval\u00faan."
2025-02-05 21:05:19 +00:00
}
] ,
"metrics" : {
"cvssMetricV40" : [
{
"source" : "f5sirt@f5.com" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "4.0" ,
"vectorString" : "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X" ,
"baseScore" : 8.7 ,
"baseSeverity" : "HIGH" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"attackRequirements" : "NONE" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
2025-03-02 03:03:52 +00:00
"vulnConfidentialityImpact" : "NONE" ,
"vulnIntegrityImpact" : "NONE" ,
"vulnAvailabilityImpact" : "HIGH" ,
"subConfidentialityImpact" : "NONE" ,
"subIntegrityImpact" : "NONE" ,
"subAvailabilityImpact" : "LOW" ,
2025-02-05 21:05:19 +00:00
"exploitMaturity" : "NOT_DEFINED" ,
2025-03-02 03:03:52 +00:00
"confidentialityRequirement" : "NOT_DEFINED" ,
"integrityRequirement" : "NOT_DEFINED" ,
"availabilityRequirement" : "NOT_DEFINED" ,
2025-02-05 21:05:19 +00:00
"modifiedAttackVector" : "NOT_DEFINED" ,
"modifiedAttackComplexity" : "NOT_DEFINED" ,
"modifiedAttackRequirements" : "NOT_DEFINED" ,
"modifiedPrivilegesRequired" : "NOT_DEFINED" ,
"modifiedUserInteraction" : "NOT_DEFINED" ,
2025-03-02 03:03:52 +00:00
"modifiedVulnConfidentialityImpact" : "NOT_DEFINED" ,
"modifiedVulnIntegrityImpact" : "NOT_DEFINED" ,
"modifiedVulnAvailabilityImpact" : "NOT_DEFINED" ,
"modifiedSubConfidentialityImpact" : "NOT_DEFINED" ,
"modifiedSubIntegrityImpact" : "NOT_DEFINED" ,
"modifiedSubAvailabilityImpact" : "NOT_DEFINED" ,
"Safety" : "NOT_DEFINED" ,
"Automatable" : "NOT_DEFINED" ,
"Recovery" : "NOT_DEFINED" ,
2025-02-05 21:05:19 +00:00
"valueDensity" : "NOT_DEFINED" ,
"vulnerabilityResponseEffort" : "NOT_DEFINED" ,
"providerUrgency" : "NOT_DEFINED"
}
}
] ,
"cvssMetricV31" : [
{
"source" : "f5sirt@f5.com" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" ,
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
"availabilityImpact" : "HIGH"
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
}
]
} ,
"weaknesses" : [
{
"source" : "f5sirt@f5.com" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-476"
}
]
}
] ,
"references" : [
{
"url" : "https://my.f5.com/manage/s/article/K000138932" ,
"source" : "f5sirt@f5.com"
}
]
}
