admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-59xx/CVE-2020-5947.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

335 lines
13 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-5947",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2020-11-19T01:15:12.593",
"lastModified": "2024-11-21T05:34:53.050",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. Only these platforms are affected: BIG-IP 2000 series (C112), BIG-IP 4000 series (C113), BIG-IP i2000 series (C117), BIG-IP i4000 series (C115), BIG-IP Virtual Edition (VE)."
},
{
"lang": "es",
"value": "En versiones 16.0.0-16.0.0.1 y 15.1.0-15.1.1, en plataformas BIG-IP espec\u00edficas, unos atacantes pueden obtener n\u00fameros de secuencia TCP del sistema BIG-IP que pueden ser reusadas en conexiones futuras con el mismo puerto de origen y destino y n\u00fameros IP. Solo estas plataformas est\u00e1n afectadas: serie BIG-IP 2000 (C112), serie BIG-IP 4000 (C113), serie BIG-IP i2000 (C117), serie BIG-IP i4000 (C115), BIG-IP Virtual Edition (VE)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "5AC29EF0-7E85-4BB1-A183-D03FC53868ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "3F3F98DD-C142-4030-AD11-A3129D5FFEA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "DD50CF60-A880-4495-AD3F-9A5C744506AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "1247022A-F95F-4DF6-87AC-2E6757B01DC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "286DABB7-9C44-4050-AB2E-C4B4EAE2EEFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "F7034BE5-23A6-47FA-9D80-3F3CF29DA2B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "69C1B709-03E8-4371-8EC4-C13BF134B6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "F491CF7C-EC9A-4413-9B84-459FE83E0AF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "217C0D97-5942-4609-BC5D-0D8D145E2436"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "D54A135F-CD1E-41AD-82C3-F15A21AA87BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "F20E2679-A1C0-4925-9284-DBA57F40C41C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "C3B360C4-C9E2-4889-ADD5-3482E69BA8E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "DC2FA5AD-6375-48C4-B602-E3BD464BF9FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "3448CBCB-D42E-4DAA-A52F-4225B2EB022A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "363C0C5C-A8EE-4BF9-92E3-506DA88D8CD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "B7466098-C689-4E4B-879F-0433A020FDBC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "1DB39FC0-D2B4-4854-B49B-722A67F729E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "574397F4-0234-48D3-B024-D7963A41E21C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndIncluding": "15.1.2",
"matchCriteriaId": "7BFEB115-A4F3-4FA3-A838-CE91AB6888F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "EB7047B3-A248-424C-98D8-A0DD99A86F50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "315AB5D6-FC37-44F5-989F-33FA4EC4654F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "15439AAC-1535-4087-9170-C885716736F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "AECF3150-98BD-4F39-84D9-584E36B357CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "4F9D19B2-1D89-4917-A82E-289EDE52C68F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "7C250F1A-D949-4389-B46B-25B63FBC167D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "E0319299-FCCE-4B8F-8DB5-83AF0C3D68D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.1.2",
"matchCriteriaId": "3B9426CC-5EE8-4250-82DA-24A6004F1794"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.1",
"matchCriteriaId": "37DB95DF-DAAE-4E11-9D91-A097A44176DB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:f5:big-ip_virtual_edition:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5231D20F-5BCF-42BE-BA4B-A3705FE372FA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:f5:big-ip_2000:c112:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9C2CDC-1DBA-414A-BD24-5C80EF341D42"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:f5:big-ip_4000:c113:*:*:*:*:*:*:*",
"matchCriteriaId": "086D8EA0-55E3-4EA0-A511-A50E75150B1E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:f5:big-ip_i2000:c117:*:*:*:*:*:*:*",
"matchCriteriaId": "E874EF24-9120-45FD-98B6-FA8414EECFA4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:f5:big-ip_i4000:c115:*:*:*:*:*:*:*",
"matchCriteriaId": "431D46C5-4C56-425F-B919-0F3954EEBCD6"
}
]
}
]
}
],
"references": [
{
"url": "https://support.f5.com/csp/article/K64571774",
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.f5.com/csp/article/K64571774",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink