CVE-2020-5902 (GCVE-0-2020-5902)
Vulnerability from cvelistv5 – Published: 2020-07-01 00:00 – Updated: 2025-10-21 23:35 – RCE
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:47:40.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K52145254"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
},
{
"name": "VU#290915",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/290915"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/"
},
{
"tags": [
"x_transferred"
],
"url": "https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://swarm.ptsecurity.com/rce-in-f5-big-ip/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-5902",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:32:30.395767Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5902"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:41.409Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5902"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00.000Z",
"value": "CVE-2020-5902 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, 11.6.1-11.6.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "RCE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T03:06:51.520Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"url": "https://support.f5.com/csp/article/K52145254"
},
{
"url": "http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
},
{
"name": "VU#290915",
"tags": [
"third-party-advisory"
],
"url": "https://www.kb.cert.org/vuls/id/290915"
},
{
"url": "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/"
},
{
"url": "https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/"
},
{
"url": "http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html"
},
{
"url": "https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902"
},
{
"url": "http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html"
},
{
"url": "https://swarm.ptsecurity.com/rce-in-f5-big-ip/"
},
{
"url": "http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2020-5902",
"datePublished": "2020-07-01T00:00:00.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:41.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2020-5902",
"cwes": "[\"CWE-22\"]",
"dateAdded": "2021-11-03",
"dueDate": "2022-05-03",
"knownRansomwareCampaignUse": "Known",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2020-5902",
"product": "BIG-IP",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "F5 BIG-IP Traffic Management User Interface (TMUI) contains a remote code execution vulnerability in undisclosed pages.",
"vendorProject": "F5",
"vulnerabilityName": "F5 BIG-IP Traffic Management User Interface (TMUI) Remote Code Execution Vulnerability"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.f5.com/csp/article/K52145254\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/290915\", \"name\": \"VU#290915\", \"tags\": [\"third-party-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://swarm.ptsecurity.com/rce-in-f5-big-ip/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T08:47:40.698Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": 
\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-5902\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-29T20:32:30.395767Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5902\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2021-11-03T00:00:00.000Z\", \"value\": \"CVE-2020-5902 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5902\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-29T20:31:37.600Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"BIG-IP\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, 11.6.1-11.6.5.1\"}]}], \"references\": [{\"url\": \"https://support.f5.com/csp/article/K52145254\"}, {\"url\": \"http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html\"}, {\"url\": \"http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html\"}, {\"url\": 
\"http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html\"}, {\"url\": \"https://www.kb.cert.org/vuls/id/290915\", \"name\": \"VU#290915\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/\"}, {\"url\": \"https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/\"}, {\"url\": \"http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html\"}, {\"url\": \"https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902\"}, {\"url\": \"http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html\"}, {\"url\": \"https://swarm.ptsecurity.com/rce-in-f5-big-ip/\"}, {\"url\": \"http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"RCE\"}]}], \"providerMetadata\": {\"orgId\": \"9dacffd4-cb11-413f-8451-fbbfd4ddc0ab\", \"shortName\": \"f5\", \"dateUpdated\": \"2023-11-14T03:06:51.520Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2020-5902\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:35:41.409Z\", \"dateReserved\": \"2020-01-06T00:00:00.000Z\", \"assignerOrgId\": \"9dacffd4-cb11-413f-8451-fbbfd4ddc0ab\", \"datePublished\": \"2020-07-01T00:00:00.000Z\", \"assignerShortName\": \"f5\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2020-AVI-399
Vulnerability from certfr_avis - Published: 2020-07-01 - Updated: 2020-07-08
De multiples vulnérabilités ont été découvertes dans F5 BIG-IP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 15.x antérieures à 15.1.0.4 | ||
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 11.5.x et 11.6.x antérieures à 11.6.5.2 | ||
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 13.1.x antérieures à 13.1.3.4 | ||
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 12.1.x antérieures à 12.1.5.2 | ||
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 14.1.x antérieures à 14.1.2.6 |
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 15.x ant\u00e9rieures \u00e0 15.1.0.4",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 11.5.x et 11.6.x ant\u00e9rieures \u00e0 11.6.5.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 13.1.x ant\u00e9rieures \u00e0 13.1.3.4",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 12.1.x ant\u00e9rieures \u00e0 12.1.5.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 14.1.x ant\u00e9rieures \u00e0 14.1.2.6",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-5890",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5890"
},
{
"name": "CVE-2020-5904",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5904"
},
{
"name": "CVE-2020-5907",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5907"
},
{
"name": "CVE-2020-5906",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5906"
},
{
"name": "CVE-2020-5902",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5902"
},
{
"name": "CVE-2020-5903",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5903"
},
{
"name": "CVE-2020-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5878"
}
],
"initial_release_date": "2020-07-01T00:00:00",
"last_revision_date": "2020-07-08T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-399",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-07-01T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 F5 K03318649 du 30 avril 2020",
"revision_date": "2020-07-02T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 F5 K35750231 du 08 juillet 2020",
"revision_date": "2020-07-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans F5 BIG-IP.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des\ndonn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans F5 BIG-IP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K82518062 du 01 juillet 2020",
"url": "https://support.f5.com/csp/article/K82518062"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K31301245 du 01 juillet 2020",
"url": "https://support.f5.com/csp/article/K31301245"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K35750231 du 08 juillet 2020",
"url": "https://support.f5.com/csp/article/K35750231"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K52145254 du 01 juillet 2020",
"url": "https://support.f5.com/csp/article/K52145254"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K03318649 du 30 avril 2020",
"url": "https://support.f5.com/csp/article/K03318649"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K00091341 du 01 juillet 2020",
"url": "https://support.f5.com/csp/article/K00091341"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K43638305 du 01 juillet 2020",
"url": "https://support.f5.com/csp/article/K43638305"
}
]
}
FKIE_CVE-2020-5902
Vulnerability from fkie_nvd - Published: 2020-07-01 15:15 - Updated: 2025-10-27 17:07 - 9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
| Source | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html | Exploit, Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/ | Exploit, Third Party Advisory | |
| f5sirt@f5.com | https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902 | Broken Link, Exploit, Third Party Advisory | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K52145254 | Vendor Advisory | |
| f5sirt@f5.com | https://swarm.ptsecurity.com/rce-in-f5-big-ip/ | Exploit, Third Party Advisory | |
| f5sirt@f5.com | https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/ | Exploit, Third Party Advisory | |
| f5sirt@f5.com | https://www.kb.cert.org/vuls/id/290915 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902 | Broken Link, Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K52145254 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://swarm.ptsecurity.com/rce-in-f5-big-ip/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/290915 | Third Party Advisory, US Government Resource | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5902 | US Government Resource |
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_web_application_firewall | * | |
| f5 | big-ip_advanced_web_application_firewall | * | |
| f5 | big-ip_advanced_web_application_firewall | * | |
| f5 | big-ip_advanced_web_application_firewall | * | |
| f5 | big-ip_advanced_web_application_firewall | * | |
| f5 | big-ip_advanced_web_application_firewall | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_ddos_hybrid_defender | * | |
| f5 | big-ip_ddos_hybrid_defender | * | |
| f5 | big-ip_ddos_hybrid_defender | * | |
| f5 | big-ip_ddos_hybrid_defender | * | |
| f5 | big-ip_ddos_hybrid_defender | * | |
| f5 | big-ip_ddos_hybrid_defender | * | |
| f5 | big-ip_domain_name_system | * | |
| f5 | big-ip_domain_name_system | * | |
| f5 | big-ip_domain_name_system | * | |
| f5 | big-ip_domain_name_system | * | |
| f5 | big-ip_domain_name_system | * | |
| f5 | big-ip_domain_name_system | * | |
| f5 | big-ip_fraud_protection_service | * | |
| f5 | big-ip_fraud_protection_service | * | |
| f5 | big-ip_fraud_protection_service | * | |
| f5 | big-ip_fraud_protection_service | * | |
| f5 | big-ip_fraud_protection_service | * | |
| f5 | big-ip_fraud_protection_service | * | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | ssl_orchestrator | * | |
| f5 | ssl_orchestrator | * | |
| f5 | ssl_orchestrator | * | |
| f5 | ssl_orchestrator | * | |
| f5 | ssl_orchestrator | * | |
| f5 | ssl_orchestrator | * |
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "F5 BIG-IP Traffic Management User Interface (TMUI) Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB236652-BD60-4FEF-9D59-8B49FB3A7655",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0532FA-7B7B-46B3-AB10-0920034A7E43",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "592327AA-BCC4-4CD0-82C6-EA739F049E82",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A49F18E-2004-4BDB-BA3F-93C52B23CCA9",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65C2E51D-76FF-4604-B9A6-1EB48AAF1CA6",
"versionEndIncluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11F32785-49DA-4C57-AD28-BC630E55222A",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB2B518-F813-4B11-BBF5-0BFB2979A6B8",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B3DCE49-C37D-4951-AB57-7CDDEBA1C1E5",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD78D19-D17E-45EC-98C7-74D086AE68AA",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CDD8550-E2BC-44B4-857C-706D2DC769F0",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B59E16D-7645-492A-9C1D-A8724FFCA28F",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB71683-C715-41DB-A42E-4269D26D5DD3",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E64263B7-7BE1-472E-9130-7BC8F2932683",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "694C630B-5342-4C6C-A0FA-050B9C76936D",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC400989-FE65-4DEC-B9DD-7BEF6EB72DC0",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "708FD0A9-5167-45B5-80A1-85F105365C98",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FBF20C1-5B3C-4DC0-B6F7-4DB0205BF2B0",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8434935-CE50-4CE7-BA17-6966E71BC9FD",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31E16A1B-E305-4390-976C-5F33A82EF396",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C3E75CB-C764-4868-8459-1FAC03506EE8",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C551C9-169C-450E-965A-4F9F3E2C785B",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E6595B-27F1-4298-9B72-5618A5A0605A",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92F370C2-3C5A-416D-83C1-A4F84866E958",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E7820D-A574-41C8-A602-05A825F26726",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB118FB-2EFB-4F17-B6E1-FC4B46B9C265",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3F7911-FB00-4612-9109-9E7A407BC7B7",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B547F46F-5563-4E7F-8B69-3D25C6C58521",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6317DD02-5FC5-4476-8F63-8A7915440F94",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "997D12F1-098D-4C42-A6A2-B4F59AC78F0F",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B37CD3-4B52-4761-9BEC-5D4CC57783B8",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8999F566-9884-4CAA-BED7-8CF72F11E6F8",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91BF72A9-EB50-4315-B956-5926967DCC46",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AEE0B76-3F8E-420A-9589-BF3FDB942DEB",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA19452D-9C3D-41FB-8606-51F90126B2A0",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C4B56F-D022-4268-9D78-6E4D12AE9215",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C4B36F-ABA3-4C9C-BE94-389A91185CE5",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC8B0F64-D0FC-4CC9-94CA-38A55043C529",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39AECFF0-3A86-45A4-AB7F-DCC3717E8E97",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F8B4719-B7C7-4383-B74B-119DD5F51773",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE999923-5893-44D4-9212-E94990A3F1A7",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62F2CBB9-C4FE-4065-8F13-E677E572F4B9",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E34F61C-1C60-4BA7-A282-C5B295A7241C",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F997F6D8-D08D-4EB0-BEA7-288AEFD6F28C",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73EC8EDA-669A-4750-934F-3B3FBF557080",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7917031-0735-483C-A8DA-11430056D568",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "357FD2B0-3437-4D26-9D84-FE1449E37A74",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFC0D83-7F64-44F2-A014-37DE3CAF846A",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DB7EE01-966A-40EB-8F49-AFE22B1FAF31",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "925DA0B2-7570-4819-845C-C35E5B168F80",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0581EEF-98E6-4961-8178-BA2D7647F931",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFC5C221-AE58-4580-876A-E5FD7970A695",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5746AE6E-9D1B-4275-A756-4FFBEE9FC6D3",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920BC3DD-A1D4-403B-83D2-00636C20FFC0",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CD1518D-E884-4B38-96CB-2C02493352B3",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4A036A0-5E0C-4E64-B88D-D1B61257896E",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32773569-67FE-4F08-A613-E507FCDEACEF",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "463AA399-492A-4DB6-BFD1-31725012AE8F",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A52B5EA8-31E5-4CDB-81FB-3AE8251F29CF",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49C8BE4A-DED6-451A-B6EE-AC95DD26F85A",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB170091-1F18-46D7-8164-ACC9B05954E3",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97AB336E-2A10-4508-9F20-DB54D628355F",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4494F771-4026-478C-8004-B162653DC80C",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98314370-E3C8-4CB5-9F48-57004EB96D8F",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1AC241-FE68-4275-8992-7575AA8AD118",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC0E30F-6550-4BC9-8DA7-6BD495DBF415",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D30769C3-F8CB-491A-8E51-0147AA07DDA4",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54D289F0-1896-4996-AEDF-B299C6DB8945",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A97489DC-A5DE-48AD-BBA2-F9078070F53A",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF128B7-874B-4E3A-B52F-1C2DE34F64A9",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4E502-D8D5-4719-986F-90BC08B3DC16",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D90F4A-FA2A-412F-8591-D1CA6399ECAD",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABAFAE9B-AA80-4D3B-AA3A-4ED5C3BE6113",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78F7A30F-4455-420D-9254-E9910E16EC3F",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EDB944B-DF60-45AF-AD60-33E9667E0D12",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20C58940-C7A3-47A9-8C9E-7B652E4F4750",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67516A0B-7359-42DE-B318-6979DEEFC229",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD2867D-D646-4B01-A383-6A47B51D059E",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E314109-D770-4055-9248-2BE25B0EF084",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53F1F7BD-512D-46D4-A888-A2670DEB1C4F",
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE483701-8CB3-4745-BD47-B022EBEA2CA9",
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57A7A47C-DBC5-4D1B-9C54-4A04C16BD904",
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4BC535-7F99-45F4-9094-29B52DEB8168",
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F54A8AE-61F3-4F43-82BF-55842B56064A",
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F20F608-2930-41F2-A720-B8638395FF44",
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages."
},
{
"lang": "es",
"value": "En BIG-IP versiones 15.0.0 hasta 15.1.0.3, 14.1.0 hasta 14.1.2.5, 13.1.0 hasta 13.1.3.3, 12.1.0 hasta 12.1.5.1 y 11.6.1 hasta 11.6.5.1, el Traffic Management User Interface (TMUI), tambi\u00e9n se conoce como la utilidad de Configuraci\u00f3n, presenta una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota (RCE) en p\u00e1ginas no reveladas"
}
],
"id": "CVE-2020-5902",
"lastModified": "2025-10-27T17:07:00.147",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2020-07-01T15:15:15.360",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K52145254"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://swarm.ptsecurity.com/rce-in-f5-big-ip/"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/290915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K52145254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://swarm.ptsecurity.com/rce-in-f5-big-ip/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/290915"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5902"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
CERTFR-2020-ALE-015
Vulnerability from certfr_alerte - Published: 2020-07-05 - Updated: 2020-09-15
Le 1er juillet 2020, F5 Networks a publié un avis de sécurité [1] concernant la vulnérabilité CVE-2020-5902. Cette vulnérabilité permet à un attaquant non authentifié (ou un utilisateur authentifié) ayant un accès réseau à l'interface d'administration tmui, d'exécuter un code arbitraire à distance. Cette vulnérabilité a un score CVSS de 10. Cette interface est accessible depuis le port d'administration ainsi que via les adresses IP "Self IP" éventuellement configurées sur l'équipement BIG-IP.
Note importante : Des campagnes de détection sont rapportées publiquement et des preuves de concept ont été publiées depuis le 04 juillet. Ces preuves de concept permettent notamment d'accéder à des fichiers de configuration.
Le CERT-FR considère qu'il est impératif d'appliquer sans délai les règles de configuration afin d'interdire l'accès à l'interface d'administration depuis un réseau non sécurisé ainsi que d'appliquer les correctifs publiés par l'éditeur.
Solution
[Mise à jour du 28 juillet 2020]
Le 22 juillet 2020, F5 a publié un outil qui tente de détecter des traces de compromission : https://github.com/f5devcentral/cve-2020-5902-ioc-bigip-checker/.
Le 27 juillet 2020, l'US-CERT a publié une alerte contenant une règle de détection au format Snort : https://us-cert.cisa.gov/ncas/alerts/aa20-206a.
[Publication initiale]
Il est impératif d'appliquer les correctifs de sécurité publiés par l'éditeur. Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs [1] (cf. section Documentation).
En cas de suspicion d'accès non autorisé à l'interface d'administration tmui, si cette interface était accessible depuis un réseau non sûr, le CERT-FR recommande fortement de :
- renouveler les mots de passe des comptes techniques et des comptes utilisateurs déclarés sur les équipements BIG-IP ;
- révoquer et renouveler les certificats x509 déclarés sur les équipements BIG-IP ainsi que sur les éventuels autres équipements utilisant ces mêmes certificats x509 s'il s'agit de certificats multi-domaines (wildcard).
Le CERT-FR rappelle également que l'éditeur a publié des bonnes pratiques afin de sécuriser l'administration de ses équipements [2]. Il convient notamment de :
- connecter le port d'administration sur un réseau d'administration sécurisé ;
- interdire l'accès à l'interface d'administration tmui via les adresses IP "Self IP" ;
La mise à jour d'un produit ou d'un logiciel est une opération délicate qui doit être menée avec prudence. Il est notamment recommandé d'effectuer des tests autant que possible. Des dispositions doivent également être prises pour garantir la continuité de service en cas de difficultés lors de l'application des mises à jour comme des correctifs ou des changements de version.
Contournement provisoire
[Mise à jour du 08 juillet 2020]
Le 07 juillet 2020, F5 a mis à jour son avis de sécurité. La mesure de contournement initialement préconisée s'avère incomplète. Le CERT-FR recommande l'application du correctif. Dans les cas où ce n'est pas possible, il est impératif de mettre à jour les propriétés httpd avec les changements indiqués dans l'avis F5 (cf. section Documentation).
[Publication initiale]
Dans la mesure où les solutions peuvent nécessiter des modifications importantes, l'éditeur préconise un contournement permettant de se prémunir contre un accès non autorisé par un attaquant non authentifié. L'éditeur indique que ce contournement ne devrait pas avoir de conséquence sur le fonctionnement de l'équipement. Il s'agit d'éditer les propriétés du serveur web et ajouter une nouvelle règle dans la section 'include' afin d'interdire des requêtes HTTP utilisant une syntaxe particulière pour l'URL. Ces recommandations sont indiquées dans l'avis de l'éditeur : https://support.f5.com/csp/article/K52145254#all
L'éditeur précise que ce contournement n'empêche pas un utilisateur authentifié d'exploiter la vulnérabilité.
| Vendor | Product | Description |
|---|---|---|
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 15.x antérieures à 15.1.0.4 |
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 11.5.x et 11.6.x antérieures à 11.6.5.2 |
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 13.1.x antérieures à 13.1.3.4 |
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 12.1.x antérieures à 12.1.5.2 |
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 14.1.x antérieures à 14.1.2.6 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 15.x ant\u00e9rieures \u00e0 15.1.0.4",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 11.5.x et 11.6.x ant\u00e9rieures \u00e0 11.6.5.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 13.1.x ant\u00e9rieures \u00e0 13.1.3.4",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 12.1.x ant\u00e9rieures \u00e0 12.1.5.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 14.1.x ant\u00e9rieures \u00e0 14.1.2.6",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
}
],
"affected_systems_content": null,
"closed_at": "2020-09-15",
"content": "## Solution\n\n**\\[Mise \u00e0 jour du 28 juillet 2020\\]**\n\nLe 22 juillet 2020, F5 a publi\u00e9 un outil qui tente de d\u00e9tecter des\ntraces de compromission : \u003ca\nhref=\"https://github.com/f5devcentral/cve-2020-5902-ioc-bigip-checker/\"\nrel=\"noopener\"\ntarget=\"_blank\"\u003ehttps://github.com/f5devcentral/cve-2020-5902-ioc-bigip-checker/\u003c/a\u003e.\n\nLe 27 juillet 2020, l\u0027US-CERT a publi\u00e9 une alerte contenant une r\u00e8gle de\nd\u00e9tection au format Snort\n:\u00a0\u003ca href=\"https://us-cert.cisa.gov/ncas/alerts/aa20-206a\" rel=\"noopener\"\ntarget=\"_blank\"\u003ehttps://us-cert.cisa.gov/ncas/alerts/aa20-206a\u003c/a\u003e.\n\n**\\[Publication initiale\\]**\n\nIl est imp\u00e9ratif d\u0027**appliquer les correctifs de s\u00e9curit\u00e9** publi\u00e9s par\nl\u0027\u00e9diteur. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour\nl\u0027obtention des correctifs \\[1\\] (cf. section Documentation).\n\n**En cas de suspicion d\u0027acc\u00e8s non autoris\u00e9 \u00e0 l\u0027interface\nd\u0027administration tmui**, si cette interface \u00e9tait accessible depuis un\nr\u00e9seau non s\u00fbr, le CERT-FR recommande fortement de :\n\n- renouveler les mots de passe des comptes techniques et des comptes\n utilisateurs d\u00e9clar\u00e9s sur les \u00e9quipements BIG-IP ;\n- r\u00e9voquer et renouveler les certificats x509 d\u00e9clar\u00e9s sur les\n \u00e9quipements BIG-IP ainsi que sur les \u00e9ventuels autres \u00e9quipements\n utilisant ces m\u00eames certificats x509 s\u0027il s\u0027agit de certificats\n multi-domaines (*wildcard*).\n\nLe CERT-FR rappelle \u00e9galement que l\u0027\u00e9diteur a publi\u00e9 des bonnes\npratiques afin de **s\u00e9curiser l\u0027administration de ses \u00e9quipements**\n\\[2\\]. 
Il convient notamment de :\n\n- connecter le port d\u0027administration sur un **r\u00e9seau d\u0027administration\n s\u00e9curis\u00e9** ;\n- **interdire** l\u0027acc\u00e8s \u00e0 l\u0027interface d\u0027administration tmui via les\n adresses IP \"*Self IP*\" ;\n\n------------------------------------------------------------------------\n\n\u003cspan style=\"font-family: Liberation Serif, serif;\"\u003eLa mise \u00e0\u00a0jour d\u0027un\nproduit ou d\u0027un logiciel est une op\u00e9ration d\u00e9licate qui doit \u00eatre men\u00e9e\navec prudence. Il est notamment recommander d\u0027effectuer des tests autant\nque possible. Des dispositions doivent \u00e9galement \u00eatre prises pour\ngarantir la continuit\u00e9 de service en cas de difficult\u00e9s lors de\nl\u0027application des mises \u00e0 jour \u003cspan style=\"color: #000000;\"\u003ecomme des\ncorrectifs ou des changements de version.\u003c/span\u003e\u003c/span\u003e\n\n## Contournement provisoire\n\n**\\[Mise \u00e0 jour du 08 juillet 2020\\]**\n\nLe 07 juillet 2020, F5 a mis \u00e0 jour son avis de s\u00e9curit\u00e9. La mesure de\ncontournement initialement pr\u00e9conis\u00e9e s\u0027av\u00e8re incompl\u00e8te. Le CERT-FR\nrecommande l\u0027application du correctif. Dans les cas o\u00f9 ce n\u0027est pas\npossible, il est imp\u00e9ratif de mettre \u00e0 jour les propri\u00e9t\u00e9s\u00a0*httpd*\u00a0avec\nles changements indiqu\u00e9s dans l\u0027avis F5 (cf. section Documentation).\n\n**\\[Publication initiale\\]**\n\nDans la mesure o\u00f9 les solutions peuvent n\u00e9cessiter des modifications\nimportantes, l\u0027\u00e9diteur pr\u00e9conise un **contournement permettant de se\npr\u00e9munir contre un acc\u00e8s non autoris\u00e9 par un attaquant non\nauthentifi\u00e9**. L\u0027\u00e9diteur indique que ce contournement ne devrait pas\navoir de cons\u00e9quence sur le fonctionnement de l\u0027\u00e9quipement. 
Il s\u0027agit\nd\u0027\u00e9diter les propri\u00e9t\u00e9s du serveur web et ajouter une nouvelle r\u00e8gle\ndans la section \u0027include\u0027 afin d\u0027interdire des requ\u00eates HTTP utilisant\nune syntaxe particuli\u00e8re pour l\u0027URL. Ces recommandations sont indiqu\u00e9es\ndans l\u0027avis de l\u0027\u00e9diteur :\n\u003chttps://support.f5.com/csp/article/K52145254#all\u003e\n\nL\u0027\u00e9diteur pr\u00e9cise que ce contournement n\u0027emp\u00eache pas un utilisateur\nauthentifi\u00e9 d\u0027exploiter la vuln\u00e9rabilit\u00e9.\n\n\u00a0\n",
"cves": [
{
"name": "CVE-2020-5902",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5902"
}
],
"initial_release_date": "2020-07-05T00:00:00",
"last_revision_date": "2020-09-15T00:00:00",
"links": [
{
"title": "[2] Bulletin F5 Networks pour la s\u00e9curisation de l\u0027administration des \u00e9quipements BIG-IP",
"url": "https://support.f5.com/csp/article/K13092"
},
{
"title": "Outil de d\u00e9tection F5",
"url": "https://github.com/f5devcentral/cve-2020-5902-ioc-bigip-checker/"
},
{
"title": "Alerte US-CERT AA20-206A",
"url": "https://us-cert.cisa.gov/ncas/alerts/aa20-206a"
}
],
"reference": "CERTFR-2020-ALE-015",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-07-05T00:00:00.000000"
},
{
"description": "Mise \u00e0 jour des recommandations F5.",
"revision_date": "2020-07-08T00:00:00.000000"
},
{
"description": "Ajout de l\u0027outil F5 et du lien vers l\u0027alerte de l\u0027US-CERT",
"revision_date": "2020-07-28T00:00:00.000000"
},
{
"description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
"revision_date": "2020-09-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Le 1er juillet 2020, F5 Networks a publi\u00e9 un avis de s\u00e9curit\u00e9 \\[1\\]\nconcernant la vuln\u00e9rabilit\u00e9 CVE-2020-5902. Cette vuln\u00e9rabilit\u00e9 permet \u00e0\nun attaquant non authentifi\u00e9 (ou un utilisateur authentifi\u00e9) ayant un\nacc\u00e8s r\u00e9seau \u00e0 l\u0027interface d\u0027administration tmui, d\u0027ex\u00e9cuter un code\narbitraire \u00e0 distance. Cette vuln\u00e9rabilit\u00e9 a un score CVSS de 10. Cette\ninterface est accessible depuis le port d\u0027administration ainsi que via\nles adresses IP \"*Self IP*\" \u00e9ventuellement configur\u00e9es sur l\u0027\u00e9quipement\nBIG-IP.\n\n\u003cstrong\u003eNote importante\u003c/strong\u003e : Des \u003cstrong\u003ecampagnes de d\u00e9tection\u003c/strong\u003e sont rapport\u00e9es\npubliquement et des \u003cstrong\u003epreuves de concept ont \u00e9t\u00e9 publi\u00e9es depuis le 04\njuillet\u003c/strong\u003e. Ces preuves de concept permettent notamment d\u0027acc\u00e9der \u00e0 des\nfichiers de configuration.\n\nLe CERT-FR consid\u00e8re qu\u0027il est imp\u00e9ratif d\u0027appliquer \u003cstrong\u003esans d\u00e9lai\u003c/strong\u003e les\nr\u00e8gles de configuration afin d\u0027interdire l\u0027acc\u00e8s \u00e0 l\u0027interface\nd\u0027administration depuis un r\u00e9seau non s\u00e9curis\u00e9 ainsi que d\u0027appliquer les\ncorrectifs publi\u00e9s par l\u0027\u00e9diteur.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans F5 BIG-IP",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis CERT-FR CERTFR-2020-AVI-399 du 01 juillet 2020",
"url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2020-AVI-399/"
},
{
"published_at": null,
"title": "[1] Bulletin de s\u00e9curit\u00e9 F5 K52145254 du 01 juillet 2020",
"url": "https://support.f5.com/csp/article/K52145254"
}
]
}
GHSA-2859-2HR6-F86V
Vulnerability from github – Published: 2022-05-24 17:22 – Updated: 2025-10-22 00:31
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
{
"affected": [],
"aliases": [
"CVE-2020-5902"
],
"database_specific": {
"cwe_ids": [
"CWE-22",
"CWE-94"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-07-01T15:15:00Z",
"severity": "HIGH"
},
"details": "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.",
"id": "GHSA-2859-2hr6-f86v",
"modified": "2025-10-22T00:31:56Z",
"published": "2022-05-24T17:22:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5902"
},
{
"type": "WEB",
"url": "https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902"
},
{
"type": "WEB",
"url": "https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K52145254"
},
{
"type": "WEB",
"url": "https://swarm.ptsecurity.com/rce-in-f5-big-ip"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5902"
},
{
"type": "WEB",
"url": "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit"
},
{
"type": "WEB",
"url": "https://www.kb.cert.org/vuls/id/290915"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2020-5902
Vulnerability from gsd - Updated: 2023-12-13 01:22
{
"GSD": {
"alias": "CVE-2020-5902",
"description": "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.",
"id": "GSD-2020-5902",
"references": [
"https://packetstormsecurity.com/files/cve/CVE-2020-5902"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-5902"
],
"details": "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.",
"id": "GSD-2020-5902",
"modified": "2023-12-13T01:22:03.780004Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cisa.gov": {
"cveID": "CVE-2020-5902",
"dateAdded": "2021-11-03",
"dueDate": "2022-05-03",
"product": "BIG-IP",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.",
"vendorProject": "F5",
"vulnerabilityName": "F5 BIG-IP Traffic Management User Interface Remote Code Execution Vulnerability"
},
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2020-5902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP",
"version": {
"version_data": [
{
"version_value": "15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, 11.6.1-11.6.5.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "RCE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K52145254",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K52145254"
},
{
"name": "http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"name": "http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"name": "http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
},
{
"name": "VU#290915",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/290915"
},
{
"name": "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/",
"refsource": "MISC",
"url": "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/"
},
{
"name": "https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/",
"refsource": "MISC",
"url": "https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/"
},
{
"name": "http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html"
},
{
"name": "https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902",
"refsource": "MISC",
"url": "https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902"
},
{
"name": "http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html"
},
{
"name": "https://swarm.ptsecurity.com/rce-in-f5-big-ip/",
"refsource": "MISC",
"url": "https://swarm.ptsecurity.com/rce-in-f5-big-ip/"
},
{
"name": "http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.2",
"versionStartIncluding": "11.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.2",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.4",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.6",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1.0.4",
"versionStartIncluding": "15.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2020-5902"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K52145254",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K52145254"
},
{
"name": "http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"name": "http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html"
},
{
"name": "http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
},
{
"name": "VU#290915",
"refsource": "CERT-VN",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/290915"
},
{
"name": "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/"
},
{
"name": "https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/"
},
{
"name": "https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902"
},
{
"name": "http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html"
},
{
"name": "http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html"
},
{
"name": "https://swarm.ptsecurity.com/rce-in-f5-big-ip/",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://swarm.ptsecurity.com/rce-in-f5-big-ip/"
},
{
"name": "http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html",
"refsource": "",
"tags": [],
"url": "http://packetstormsecurity.com/files/175671/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-11-14T03:15Z",
"publishedDate": "2020-07-01T15:15Z"
}
}
}
CVE-2020-5902
Vulnerability from fstec - Published: 01.07.2020
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "F5 Networks, Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 11.6.1 \u0434\u043e 11.6.5.2 (BIG-IP Access Policy Manager), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP Access Policy Manager), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP Access Policy Manager), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (BIG-IP Access Policy Manager), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP Access Policy Manager), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP Access Policy Manager), \u043e\u0442 11.6.1 \u0434\u043e 11.6.5.2 (BIG-IP Advanced Firewall Manager), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP Advanced Firewall Manager), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP Advanced Firewall Manager), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (BIG-IP Advanced Firewall Manager), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP Advanced Firewall Manager), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP Advanced Firewall Manager), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP Advanced Web Application Firewall), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP Advanced Web Application Firewall), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (BIG-IP Advanced Web Application Firewall), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP Advanced Web Application Firewall), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP Advanced Web Application Firewall), \u043e\u0442 11.6.1 \u0434\u043e 11.6.5.2 (BIG-IP Analytics), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP Analytics), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP Analytics), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (BIG-IP Analytics), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP Analytics), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP Analytics), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP Application Acceleration Manager), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP Application Acceleration Manager), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (BIG-IP Application 
Acceleration Manager), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP Application Acceleration Manager), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP Application Acceleration Manager), \u043e\u0442 11.6.1 \u0434\u043e 11.6.5.2 (BIG-IP Application Security Manager), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP Application Security Manager), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP Application Security Manager), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (BIG-IP Application Security Manager), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP Application Security Manager), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP Application Security Manager), \u043e\u0442 11.6.1 \u0434\u043e 11.6.5.2 (BIG-IP DDos Hybrid Defender), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP DDos Hybrid Defender), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP DDos Hybrid Defender), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (BIG-IP DDos Hybrid Defender), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP DDos Hybrid Defender), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP DDos Hybrid Defender), \u043e\u0442 11.6.1 \u0434\u043e 11.6.5.2 (BIG-IP DNS), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP DNS), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP DNS), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (BIG-IP DNS), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP DNS), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP DNS), \u043e\u0442 11.6.1 \u0434\u043e 11.6.5.2 (BIG-IP Fraud Protection Service), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP Fraud Protection Service), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP Fraud Protection Service), \u043e\u0442 14.1.0\t\u0434\u043e 14.1.2.6 (BIG-IP Fraud Protection Service), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP Fraud Protection Service), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP Fraud Protection Service), \u043e\u0442 11.6.1 \u0434\u043e 11.6.5.2 (BIG-IP Global Traffic Manager), 
\u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP Global Traffic Manager), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP Global Traffic Manager), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (BIG-IP Global Traffic Manager), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP Global Traffic Manager), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP Global Traffic Manager), \u043e\u0442 11.6.1 \u0434\u043e 11.6.5.2 (BIG-IP Link Controller), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP Link Controller), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP Link Controller), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (BIG-IP Link Controller), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP Link Controller), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP Link Controller), \u043e\u0442 11.6.1 \u0434\u043e 11.6.5.2 (BIG-IP Local Traffic Manager), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP Local Traffic Manager), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP Local Traffic Manager), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (BIG-IP Local Traffic Manager), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP Local Traffic Manager), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP Local Traffic Manager), \u043e\u0442 11.6.1 \u0434\u043e 11.6.5.2 (BIG-IP Policy Enforcement Manager), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (BIG-IP Policy Enforcement Manager), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (BIG-IP Policy Enforcement Manager), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (BIG-IP Policy Enforcement Manager), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (BIG-IP Policy Enforcement Manager), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (BIG-IP Policy Enforcement Manager), \u043e\u0442 11.6.1 \u0434\u043e 11.6.5.2 (SSL Orchestrator), \u043e\u0442 12.1.0 \u0434\u043e 12.1.5.2 (SSL Orchestrator), \u043e\u0442 13.1.0 \u0434\u043e 13.1.3.4 (SSL Orchestrator), \u043e\u0442 14.1.0 \u0434\u043e 14.1.2.6 (SSL Orchestrator), \u043e\u0442 15.0.0 \u0434\u043e 15.0.1.4 (SSL 
Orchestrator), \u043e\u0442 15.1.0 \u0434\u043e 15.1.0.4 (SSL Orchestrator)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://support.f5.com/csp/article/K52145254",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "01.07.2020",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "04.04.2022",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "12.02.2021",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-00701",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-5902",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "BIG-IP Access Policy Manager, BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP DDos Hybrid Defender, BIG-IP DNS, BIG-IP Fraud Protection Service, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Enforcement Manager, SSL Orchestrator",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 TMUI \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 BIG-IP Access Policy Manager, \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430 BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 BIG-IP Application Acceleration Manager, \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 BIG-IP Application Security Manager, \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 DDoS-\u0430\u0442\u0430\u043a BIG-IP DDos Hybrid Defender, DNS-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 BIG-IP DNS, \u043c\u043e\u0434\u0443\u043b\u044f BIG-IP Fraud Protection Service, \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0442\u0440\u0430\u0444\u0438\u043a\u0430 BIG-IP Link Controller, \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 BIG-IP Local Traffic Manager, \u0441\u0438\u0441\u0442\u0435\u043c\u044b 
\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c BIG-IP Policy Enforcement Manager, \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0438 SSL \u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 SSL Orchestrator, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0432\u0435\u0440\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u0434\u0430 (\u0412\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430) (CWE-94)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 TMUI \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 BIG-IP Access Policy Manager, \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430 BIG-IP Advanced Firewall Manager, \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 BIG-IP Application Acceleration Manager, \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 BIG-IP Application Security Manager, \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 DDoS-\u0430\u0442\u0430\u043a BIG-IP DDos Hybrid Defender, DNS-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 BIG-IP DNS, \u043c\u043e\u0434\u0443\u043b\u044f BIG-IP Fraud Protection Service, \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0442\u0440\u0430\u0444\u0438\u043a\u0430 BIG-IP Link Controller, \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 BIG-IP Local Traffic Manager, \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0438 
\u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c BIG-IP Policy Enforcement Manager, \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0438 SSL \u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 SSL Orchestrator \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u0434\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html\nhttp://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html\nhttp://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html\nhttp://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html\nhttp://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html\nhttps://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/\nhttps://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902\nhttps://support.f5.com/csp/article/K52145254\nhttps://swarm.ptsecurity.com/rce-in-f5-big-ip/\nhttps://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/\nhttps://www.kb.cert.org/vuls/id/290915",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b, \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-94",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}
CNVD-2020-36383
Vulnerability from cnvd - Published: 2020-07-06
目前，F5官方已发布新版本修复此漏洞，CNVD建议用户立即升级至最新版本： https://support.f5.com/csp/article/K52145254
| Name | F5 BIG-IP 15.0.0, F5 BIG-IP 15.1.0, F5 BIG-IP 14.1.0-14.1.2, F5 BIG-IP 13.1.0-13.1.3, F5 BIG-IP 12.1.0-12.1.5 |
|---|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-5902"
}
},
"description": "F5 BIG-IP\u662f\u7f8e\u56fdF5\u516c\u53f8\u4e00\u6b3e\u96c6\u6210\u6d41\u91cf\u7ba1\u7406\u3001DNS\u3001Web\u5e94\u7528\u9632\u706b\u5899\u3001\u8d1f\u8f7d\u5747\u8861\u7b49\u529f\u80fd\u7684\u5e94\u7528\u4ea4\u4ed8\u5e73\u53f0\u3002F5 BIG-IP\u5145\u5206\u5229\u7528\u4e86F5\u7684TMOS\u6784\u67b6\uff0c\u6539\u8fdb\u4e86\u94fe\u8def\u6027\u80fd\uff0c\u540c\u65f6\u8fd8\u53ef\u63d0\u4f9b\u7075\u6d3b\u7684\u72b6\u6001\u68c0\u67e5\u529f\u80fd\u3002\n\nF5 BIG-IP\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u7531\u4e8eBIG-IP\u6d41\u91cf\u7ba1\u7406\u7528\u6237\u754c\u9762\uff08TMUI\uff09\u5b58\u5728\u8ba4\u8bc1\u7ed5\u8fc7\u7f3a\u9677\uff0c\u5bfc\u81f4\u6388\u6743\u8bbf\u95ee\u673a\u5236\u5931\u6548\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u5411\u76ee\u6807\u670d\u52a1\u5668\u53d1\u9001\u6076\u610f\u6784\u9020\u8bf7\u6c42\uff0c\u53ef\u7ed5\u8fc7\u6388\u6743\u8bbf\u95ee\u9875\u9762\uff0c\u83b7\u5f97\u76ee\u6807\u670d\u52a1\u5668\u6743\u9650\uff0c\u5b9e\u73b0\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002",
"formalWay": "\u76ee\u524d\uff0cF5\u5b98\u65b9\u5df2\u53d1\u5e03\u65b0\u7248\u672c\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0cCNVD\u5efa\u8bae\u7528\u6237\u7acb\u5373\u5347\u7ea7\u81f3\u6700\u65b0\u7248\u672c\uff1a\r\nhttps://support.f5.com/csp/article/K52145254",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-36383",
"openTime": "2020-07-06",
"patchDescription": "F5 BIG-IP\u662f\u7f8e\u56fdF5\u516c\u53f8\u4e00\u6b3e\u96c6\u6210\u6d41\u91cf\u7ba1\u7406\u3001DNS\u3001Web\u5e94\u7528\u9632\u706b\u5899\u3001\u8d1f\u8f7d\u5747\u8861\u7b49\u529f\u80fd\u7684\u5e94\u7528\u4ea4\u4ed8\u5e73\u53f0\u3002F5 BIG-IP\u5145\u5206\u5229\u7528\u4e86F5\u7684TMOS\u6784\u67b6\uff0c\u6539\u8fdb\u4e86\u94fe\u8def\u6027\u80fd\uff0c\u540c\u65f6\u8fd8\u53ef\u63d0\u4f9b\u7075\u6d3b\u7684\u72b6\u6001\u68c0\u67e5\u529f\u80fd\u3002\r\n\r\nF5 BIG-IP\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u7531\u4e8eBIG-IP\u6d41\u91cf\u7ba1\u7406\u7528\u6237\u754c\u9762\uff08TMUI\uff09\u5b58\u5728\u8ba4\u8bc1\u7ed5\u8fc7\u7f3a\u9677\uff0c\u5bfc\u81f4\u6388\u6743\u8bbf\u95ee\u673a\u5236\u5931\u6548\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u5411\u76ee\u6807\u670d\u52a1\u5668\u53d1\u9001\u6076\u610f\u6784\u9020\u8bf7\u6c42\uff0c\u53ef\u7ed5\u8fc7\u6388\u6743\u8bbf\u95ee\u9875\u9762\uff0c\u83b7\u5f97\u76ee\u6807\u670d\u52a1\u5668\u6743\u9650\uff0c\u5b9e\u73b0\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "F5 BIG-IP\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"F5 BIG-IP 15.0.0",
"F5 BIG-IP 15.1.0",
"F5 BIG-IP 14.1.0-14.1.2",
"F5 BIG-IP 13.1.0-13.1.3",
"F5 BIG-IP 12.1.0-12.1.5"
]
},
"referenceLink": "https://support.f5.com/csp/article/K52145254",
"serverity": "\u9ad8",
"submitTime": "2020-07-02",
"title": "F5 BIG-IP\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.