{ "id": "CVE-2020-5856", "sourceIdentifier": "f5sirt@f5.com", "published": "2020-02-06T16:15:12.587", "lastModified": "2021-07-21T11:39:23.747", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "On BIG-IP 15.0.0-15.0.1.1 and 14.1.0-14.1.2.2, while processing specifically crafted traffic using the default 'xnet' driver, Virtual Edition instances hosted in Amazon Web Services (AWS) may experience a TMM restart." }, { "lang": "es", "value": "En BIG-IP versiones 15.0.0-15.0.1.1 y 14.1.0-14.1.2.2, mientras se procesa el tr\u00e1fico espec\u00edficamente dise\u00f1ado usando el controlador predeterminado \"xnet\", las instancias de Virtual Edition alojadas en Amazon Web Services (AWS) pueden experimentar un reinicio de TMM." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.2.3", "matchCriteriaId": "751CDF0F-4490-48D7-9FA1-C93963D61783" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.1.0", "matchCriteriaId": "FC5CA1E2-341C-42A9-88AC-E6C83DED0B9D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.2.3", "matchCriteriaId": "10B3AA0A-A1E3-405F-AA45-E9EFC76E0C4D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.1.0", "matchCriteriaId": "16EBA08B-8FBD-47BE-A5BE-F5145788E8CB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.2.3", "matchCriteriaId": "FEA3E542-3A3E-43A1-8F7C-1539D1E23D53" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.1.0", "matchCriteriaId": "9228FA0A-8745-4731-A214-5A8AC0AA902A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.2.3", "matchCriteriaId": "3982981A-1CB7-4714-987D-DD8447C376C4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.1.0", "matchCriteriaId": "8BC7ABB7-2FA9-42CA-9BEF-241A91F317FF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.2.3", "matchCriteriaId": "D7B3A867-DAD2-415D-A720-FA78CF59CE5B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.1.0", "matchCriteriaId": "E08E3F72-4CEF-4607-8B27-515E6471B9D1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.2.3", "matchCriteriaId": "BE821B81-45CF-4A7E-AB28-FB8203BD3801" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.1.0", "matchCriteriaId": "9BE59364-3DB3-4528-AFC4-D3A39872514D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.2.3", "matchCriteriaId": "216DAC69-3D5A-4285-85A8-31D724F9629C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.1.0", "matchCriteriaId": "F14F10D9-4F2D-4C6D-8B0C-9775ED35DFEF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.2.3", "matchCriteriaId": "42E5D1DB-8DB4-48F8-862A-1FA3F01378BE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.1.0", "matchCriteriaId": "14CEF743-6C3B-4D90-99BF-6A27B37ADAEA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.2.3", "matchCriteriaId": "F0A01C44-EBC3-4CCF-A405-A829DF26013A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.1.0", "matchCriteriaId": "542EB351-79B1-4A9D-A5A1-2F3E0E88963C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.2.3", "matchCriteriaId": "86B9622A-B52E-4447-A4D4-27178DEEA141" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.1.0", "matchCriteriaId": "895E610D-52F6-45CA-B205-D110A1DC6BEC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.2.3", "matchCriteriaId": "58AC3067-23DE-4C2E-A0EF-FA471B6D23A3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.1.0", "matchCriteriaId": "4B114C6C-E950-4B75-B341-022799ABBACF" } ] } ] } ], "references": [ { "url": "https://support.f5.com/csp/article/K00025388", "source": "f5sirt@f5.com", "tags": [ "Vendor Advisory" ] } ] }