{ "id": "CVE-2020-5938", "sourceIdentifier": "f5sirt@f5.com", "published": "2020-10-29T14:15:12.743", "lastModified": "2024-11-21T05:34:51.907", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels with configured, authenticated peers, the peer may negotiate a different key length than the BIG-IP configuration would otherwise allow." }, { "lang": "es", "value": "En BIG-IP versiones 13.1.0-13.1.3.4, 12.1.0-12.1.5.2 y 11.6.1-11.6.5.2, cuando se negocian t\u00faneles IPSec con peers autenticados configurados, el peer puede negociar una longitud de clave diferente a la que permitir\u00eda la configuraci\u00f3n BIG-IP" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "baseScore": 4.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-326" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "1F82C168-C3F0-4E5A-9465-4C9BE57FE888" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "3C0D3868-7BA0-482C-ADE9-4B4087C07B69" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "CF3BAF12-9795-4C5A-81A5-EFCEB46630C3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "26EA444C-FA23-40A7-98C7-404DC8E5611F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "08D80A54-B719-4AD4-8861-1D98D26B9736" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "18AA373F-C5FE-42A4-AF3C-26F51F124A34" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "D6AF221D-F7EC-40C9-BC9C-4F7C054C1600" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "33BC59FD-6410-4F4D-B6A7-5DA3249A87EE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "1E9213C5-1D33-4718-AEEF-F3D174809054" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "8088D322-514B-49C3-9041-7FCD6902A0E6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "B11E0D81-E40D-43EB-8315-F11FD78A2485" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "87EDF992-832C-4A4D-8766-F3D7135E74CF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "74330249-E08A-4DAB-AB9F-13BE634D74DA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "3F258902-6395-40F3-9D53-F2582ED17EEF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "C86000FB-C74C-48E2-A4DE-8326805D5A1E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "C9A86305-2292-40FB-A984-9B15F7A079F0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "8FE5AD25-A186-4813-9114-6795629E906E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "33F9B68F-5888-4099-BBC6-DD88343AC508" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "AAC89B6B-885D-4E3B-B477-497B70301255" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "EB9F95F4-B631-4607-A459-7166E8A3F88B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "CFAF23BC-987A-40FB-ABB5-2EB7E473314B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "5415B126-600B-4200-AA87-AFB434BFAE9F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "06DB5080-4612-45CB-9B8D-3BD97A7EC6AF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "85FAFA26-3B92-4CAE-8DD6-0A26B49794A8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "46F2C7CC-928E-418F-9033-AF84835EF588" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "F9DD232C-0ECA-4E8C-8419-50C6D0C6D3E1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "A6B0B7F5-5F35-4D0B-84D9-F0C198632E41" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "B7A79CD5-DF43-4D88-928B-0145CAD4069D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "1E204494-3006-43E1-A468-9B4633295D55" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "8E6EB084-C77A-4375-BB96-F961E7DBCAA2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "714EE4A8-ACA0-40A5-B183-34D08591A82B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "92BFAFD4-B4A2-4F64-B928-714170074AEA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "37FEF755-ED1A-4F9C-B19F-3D136A07E1DA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "ACC3FDE8-EFD4-4D92-89BD-40A0F6304965" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "C90CCF95-1AA4-4FD5-AFC0-60A5BF1BF582" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "A88C898D-79BE-430A-994F-61BE8E4D1E2F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "583BE9A4-928A-4347-994B-2E7F2B2AAD30" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "C2323F3C-3572-4B02-8C7B-E1A3FCD259D2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "41E9F7D6-21EC-4893-A93C-E0E4661DC2FF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.6.1", "versionEndIncluding": "11.6.5.2", "matchCriteriaId": "C0371A93-D67F-4CE9-82D7-42CF4B2CBCB6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.1.0", "versionEndIncluding": "12.1.5.2", "matchCriteriaId": "E32D6142-3CCE-4F23-B606-9954E3B56D32" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndIncluding": "13.1.3.4", "matchCriteriaId": "CA48ECD9-B3BF-4A69-9521-1A664C70A974" } ] } ] } ], "references": [ { "url": "https://support.f5.com/csp/article/K76610106", "source": "f5sirt@f5.com", "tags": [ "Vendor Advisory" ] }, { "url": "https://support.f5.com/csp/article/K76610106", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] } ] }