{ "id": "CVE-2020-5929", "sourceIdentifier": "f5sirt@f5.com", "published": "2020-09-25T14:15:13.970", "lastModified": "2024-11-21T05:34:50.820", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle. Similar error messages when PMS starts with 0 byte coupled with very precise timing measurement observation may also expose this vulnerability." }, { "lang": "es", "value": "En las versiones 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1 y 11.6.1-11.6.2, las plataformas BIG-IP con tarjetas de aceleraci\u00f3n de hardware Cavium Nitrox SSL, un Servidor Virtual configurado con un perfil SSL de Cliente, y el uso de intercambio de Claves Diffie-Hellman de Anonymous (ADH) o Ephemeral (DHE) y la opci\u00f3n de uso Single DH no habilitada en la lista de opciones puede ser vulnerable a protocolos de enlace SSL/TLS dise\u00f1ados que pueden resultar con un PMS (Pre-Master Secret) que comienza en un byte 0 y puede conllevar a la recuperaci\u00f3n de mensajes de texto plano, ya que BIG-IP TLS/SSL ADH/DHE env\u00eda diferentes mensajes de error que act\u00faan como un or\u00e1culo. Los mensajes de error similares cuando PMS comienza con 0 bytes junto con una observaci\u00f3n de medici\u00f3n de tiempo muy precisa tambi\u00e9n pueden exponer esta vulnerabilidad" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.9, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, "exploitabilityScore": 2.2, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "baseScore": 2.6, "accessVector": "NETWORK", "accessComplexity": "HIGH", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, "baseSeverity": "LOW", "exploitabilityScore": 4.9, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-203" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "70FF147E-70DD-4FE1-9778-D9A190653B32" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "A9037A34-60F5-4A75-9B1E-63992472668B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "EF594CCA-2FE4-4233-B5E8-E24FDA0631FC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "F0800BF9-76E5-4D1A-A4E1-B9827C2ABB74" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "5EACB885-3BB2-4291-BC79-57CA189F03CC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "DEC8423E-1AD9-4EAC-8233-C580001DFBEB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "07DE0F37-E908-4102-B504-9E56322C28BB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "22910FCA-BE87-4F61-A1C4-C13D8E54795C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "F112F302-F738-434B-BFD1-848AC0345F7D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "AB5C57D2-23E7-442A-9CF7-40996E07EFE0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "C5E40B55-CBAF-45D7-85A7-2645EE79074D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "8E8037A0-63AA-48DD-AF9B-0DE6372A82A2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "0A90C209-002D-4629-9BF7-1A0E1CD63164" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "3E31B7D5-CD57-40DE-A4DA-CEA4ED72A72D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "E5865312-86A6-4BF1-906F-14821A825F26" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "C9265E7A-ADEE-4A3D-9D93-5B023B1BC7B7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "042D3A19-2F4D-45D4-97A4-C1EC6352F389" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "8A473F59-33D8-4496-AE7E-8804C6CEA79D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "6155F5C7-08ED-4E89-9981-1C6892C7B950" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "7FA3C044-3E22-4913-AD5F-C16D8E69064A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "CC828D69-7ADF-4F91-8AAA-573F8E755BCB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "2D79EEB5-1D2B-406F-80F4-411B8D1082E1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "21ED963D-F796-48B7-B8B9-16AF04121DAB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "E475B23E-4828-4D9A-8C8C-98735A08C7DA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "6CCB33B3-1035-4F6D-AF86-2BFF75B3E5AD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "77C1AAC1-9404-415A-BE58-0E8E4FBEEB3A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "561E3C54-4B3A-45DD-A72F-A080343257D8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "41E9AFDB-185C-40F8-B538-B11C157CACA6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "91598B5F-2FB1-4FE3-8736-14A5F20FEFAE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "37DBEC42-49E4-41FF-A5CF-B2C1769BD7A9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "BA170BC1-505E-49FE-AD37-B5FAC70C9ECD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "2EA52E3C-349A-4A6F-8167-40343BCF60EB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "281403D0-773D-4F37-83EE-F62EF96B3B72" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "EE23E4A6-B8B4-4738-9C4F-8F037EAE1F02" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "BC152A60-A74C-462A-88BA-28EC5922BFF6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "306D8178-9362-4E83-8CBC-7FE594875418" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "EB950A9D-3444-45EA-BDEE-DC0814FFC820" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "5FD91B30-E127-49B7-BFC0-20F5AFA04156" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "0B8A00CA-1577-4674-AAF7-335D3846CED4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "3C5937EE-EA57-4918-A5B8-FD8C05D7D39C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "F5236265-D881-42BA-9064-F25EFE81C126" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "1B79C6D1-3FE4-400B-B2E9-8247D73A74A8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "4D7F8FE6-7124-4CC1-BBD7-DDD9DB329877" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "2CE86895-3244-4B6D-BEBA-BF74468F5BC5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "110D8D98-9715-42DD-A967-0728A9D3C422" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "3E9F83DD-1DC7-450B-82F6-5ACEE37FF701" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "26D3BEF3-E29F-402F-B1ED-B7B74BA2E196" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "6E4231B1-DA7E-4D80-B3E6-401CDA1E24F3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "6D713731-3970-4A12-86FE-B8D566FE47FF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "1BFC319D-3B14-4D84-98E2-5ACFDA0D5857" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "660DC6C0-93E8-458A-A36F-990178A085BC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "89D16C83-F321-4E5A-B0BB-7458AE3093EC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "380EA379-85B3-496E-8267-9267713FF9C4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "3D137802-A48A-4199-825A-CE32BE8046CB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "D9561C89-6109-450D-B8FB-C8FDC52EDF40" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "A93822CD-4242-4C37-8F7D-B89F02711D7B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "82654D85-8BE0-43CF-B117-3F13A4B776DA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "C5AA87AA-CD1A-4E72-ACC4-3DA37F1BB6DA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "E25445A5-B5D8-4321-8CEF-4C48875A0864" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "0E6DD4A4-4496-4CE7-8A7D-420ABAF9B5D9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "80914B19-88A2-4B91-915C-AB2E88F8BA68" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "140C82AC-5146-453A-8F54-80DEBC3E47C5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "C8C3C7E6-9A71-4100-AF8F-E258ACA87DC9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "F364FFC1-129E-4044-AA1D-7616A9DA9742" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "EABB97D1-1B3F-495C-AA84-BEF5F9B49737" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "B6C0CF36-056F-40B2-A37D-5FBAC1474C91" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "C3EAFEA9-B710-476A-9274-ABA1D0530FB9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "81C43AC9-9572-46C5-87A9-A0482B166949" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "05CE7A90-A4D7-4DC8-9E40-A00E8A73383D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "B5392AD7-A914-4E49-A427-24A1C025CE13" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "5B3B7585-DBD6-4B7E-A531-5AF06CA9A26C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "3928B719-73A2-4F4F-B99E-3B20E73A56BD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "71DF7CA5-58AC-4A5A-BE8B-E4980954F574" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "2B19D361-EC13-404E-BEB3-2FE57F08D21C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "FA6D1B1F-9243-47B8-8524-5FA0DB2BD25E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "B135D9F2-BC26-4B4C-9311-8E5462C0D990" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "98DDA9FF-BFCA-46B1-B54B-E66DF37EA3D5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "46168539-16F5-4D68-8C60-231DC7304DC2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "7B2C13FC-4A5A-487D-93DC-51C350461326" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "BEDABC39-977F-4D10-9CD7-BC28C9AFEE15" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "DFB7A1F6-2E72-4FCD-938A-0C52615770A1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "E4C0EC8B-AB4D-4457-8781-9F80B0DDD5AC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "EE591064-DF44-4838-A9AA-CB33EBFD0ADB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "5492BACB-7266-42C7-9CCB-8274CE283F37" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "B56659EF-E0D2-4274-9E77-E3B584CF8985" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "4EC093A4-BA4F-40EF-8279-5D93EF131B80" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "EE3FF6AC-7BF4-42B9-976E-F326F01F8BB1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "1C4AF4BD-FDD2-42B4-BA95-4D5A4A45E243" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "AD3A9176-70E0-4E5B-B93E-76E6B436ECF8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "534284B2-1FC8-4769-98DB-83D0A03F0FB5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "774ECB69-5F65-4B81-9FAE-474C4181B211" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "5BDCB0E8-94D5-4B20-B4CC-A49A086FDD38" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "A2F4D185-AE08-47BF-B480-BFBEE290FD26" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "A9FD757D-7C65-44E3-B995-186D4670021F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "EB319ED0-52D3-4FB6-86DD-727A1601CAD7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "65CC7B3C-B657-4996-9B84-148624669C8A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "42E60917-B217-41C4-9455-BC8B67FB1218" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "DE16F299-6B74-4317-A0B4-451FD090BF53" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "544CAF10-0F4D-4DCF-99A4-16BF26DB8294" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "A5C9A263-245B-4F94-B6FE-46C6C9DE33A4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "55A5BD6E-CC23-4DFA-BE89-1B7164CA003A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "8145A49C-E53C-448E-AAEF-3AFE870F833A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "6B517CAC-2BAD-4CD0-9157-57349E0365D8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "30386BAE-5D66-4447-A432-774EEF99B185" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndExcluding": "11.6.2", "matchCriteriaId": "7830DB26-7308-4FBD-A81F-69419EB88871" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndExcluding": "12.1.2", "matchCriteriaId": "E1BA9423-4C0D-4932-9802-51DCDC91F0A5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:ssl_orchestrator:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "42625AC5-88A6-4721-A5EC-31B0EAF5E96C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:ssl_orchestrator:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "76A3DDE3-905D-4A31-A7A9-3E747D2326CA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:ssl_orchestrator:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "2B3C08CC-F5B4-453F-B0BA-48930614C1E5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:ssl_orchestrator:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "3E7E08B3-6B94-4B91-8689-61762267B648" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:ssl_orchestrator:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "69BFCE0C-D4C9-4C0E-8EEA-FA1BAEF73320" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:ssl_orchestrator:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "7CEE3D81-4668-4ED1-AF87-96ECE7C7A0BE" } ] } ] } ], "references": [ { "url": "https://support.f5.com/csp/article/K91158923", "source": "f5sirt@f5.com", "tags": [ "Vendor Advisory" ] }, { "url": "https://support.f5.com/csp/article/K91158923", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] } ] }