fkie_cve-2020-5929
Vulnerability from fkie_nvd
Published: 2020-09-25 14:15
Modified: 2024-11-21 05:34
Summary
In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange with the Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS handshakes that may result in a PMS (Pre-Master Secret) that starts with a 0 byte. Because BIG-IP TLS/SSL ADH/DHE sends different error messages in this case, it acts as an oracle, which may lead to recovery of plaintext messages. Where the error messages are similar when the PMS starts with a 0 byte, very precise timing measurements may also expose this vulnerability.
Impacted products
Vendor Product Version
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager 11.6.2
f5 big-ip_access_policy_manager 12.1.2
f5 big-ip_access_policy_manager 12.1.2
f5 big-ip_access_policy_manager 13.0.0
f5 big-ip_access_policy_manager 13.0.0
f5 big-ip_access_policy_manager 13.0.0
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager 11.6.2
f5 big-ip_advanced_firewall_manager 12.1.2
f5 big-ip_advanced_firewall_manager 12.1.2
f5 big-ip_advanced_firewall_manager 13.0.0
f5 big-ip_advanced_firewall_manager 13.0.0
f5 big-ip_advanced_firewall_manager 13.0.0
f5 big-ip_advanced_web_application_firewall *
f5 big-ip_advanced_web_application_firewall *
f5 big-ip_advanced_web_application_firewall 11.6.2
f5 big-ip_advanced_web_application_firewall 12.1.2
f5 big-ip_advanced_web_application_firewall 12.1.2
f5 big-ip_advanced_web_application_firewall 13.0.0
f5 big-ip_advanced_web_application_firewall 13.0.0
f5 big-ip_advanced_web_application_firewall 13.0.0
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics 11.6.2
f5 big-ip_analytics 12.1.2
f5 big-ip_analytics 12.1.2
f5 big-ip_analytics 13.0.0
f5 big-ip_analytics 13.0.0
f5 big-ip_analytics 13.0.0
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager 11.6.2
f5 big-ip_application_acceleration_manager 12.1.2
f5 big-ip_application_acceleration_manager 12.1.2
f5 big-ip_application_acceleration_manager 13.0.0
f5 big-ip_application_acceleration_manager 13.0.0
f5 big-ip_application_acceleration_manager 13.0.0
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager 11.6.2
f5 big-ip_application_security_manager 12.1.2
f5 big-ip_application_security_manager 12.1.2
f5 big-ip_application_security_manager 13.0.0
f5 big-ip_application_security_manager 13.0.0
f5 big-ip_application_security_manager 13.0.0
f5 big-ip_ddos_hybrid_defender *
f5 big-ip_ddos_hybrid_defender *
f5 big-ip_ddos_hybrid_defender 11.6.2
f5 big-ip_ddos_hybrid_defender 12.1.2
f5 big-ip_ddos_hybrid_defender 12.1.2
f5 big-ip_ddos_hybrid_defender 13.0.0
f5 big-ip_ddos_hybrid_defender 13.0.0
f5 big-ip_ddos_hybrid_defender 13.0.0
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system 11.6.2
f5 big-ip_domain_name_system 12.1.2
f5 big-ip_domain_name_system 12.1.2
f5 big-ip_domain_name_system 13.0.0
f5 big-ip_domain_name_system 13.0.0
f5 big-ip_domain_name_system 13.0.0
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service 11.6.2
f5 big-ip_fraud_protection_service 12.1.2
f5 big-ip_fraud_protection_service 12.1.2
f5 big-ip_fraud_protection_service 13.0.0
f5 big-ip_fraud_protection_service 13.0.0
f5 big-ip_fraud_protection_service 13.0.0
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager 11.6.2
f5 big-ip_global_traffic_manager 12.1.2
f5 big-ip_global_traffic_manager 12.1.2
f5 big-ip_global_traffic_manager 13.0.0
f5 big-ip_global_traffic_manager 13.0.0
f5 big-ip_global_traffic_manager 13.0.0
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller 11.6.2
f5 big-ip_link_controller 12.1.2
f5 big-ip_link_controller 12.1.2
f5 big-ip_link_controller 13.0.0
f5 big-ip_link_controller 13.0.0
f5 big-ip_link_controller 13.0.0
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager 11.6.2
f5 big-ip_local_traffic_manager 12.1.2
f5 big-ip_local_traffic_manager 12.1.2
f5 big-ip_local_traffic_manager 13.0.0
f5 big-ip_local_traffic_manager 13.0.0
f5 big-ip_local_traffic_manager 13.0.0
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager 11.6.2
f5 big-ip_policy_enforcement_manager 12.1.2
f5 big-ip_policy_enforcement_manager 12.1.2
f5 big-ip_policy_enforcement_manager 13.0.0
f5 big-ip_policy_enforcement_manager 13.0.0
f5 big-ip_policy_enforcement_manager 13.0.0
f5 ssl_orchestrator *
f5 ssl_orchestrator *
f5 ssl_orchestrator 11.6.2
f5 ssl_orchestrator 12.1.2
f5 ssl_orchestrator 12.1.2
f5 ssl_orchestrator 13.0.0
f5 ssl_orchestrator 13.0.0
f5 ssl_orchestrator 13.0.0



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FF147E-70DD-4FE1-9778-D9A190653B32",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9037A34-60F5-4A75-9B1E-63992472668B",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "EF594CCA-2FE4-4233-B5E8-E24FDA0631FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "F0800BF9-76E5-4D1A-A4E1-B9827C2ABB74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "5EACB885-3BB2-4291-BC79-57CA189F03CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "DEC8423E-1AD9-4EAC-8233-C580001DFBEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "07DE0F37-E908-4102-B504-9E56322C28BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "22910FCA-BE87-4F61-A1C4-C13D8E54795C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F112F302-F738-434B-BFD1-848AC0345F7D",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB5C57D2-23E7-442A-9CF7-40996E07EFE0",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "C5E40B55-CBAF-45D7-85A7-2645EE79074D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "8E8037A0-63AA-48DD-AF9B-0DE6372A82A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "0A90C209-002D-4629-9BF7-1A0E1CD63164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "3E31B7D5-CD57-40DE-A4DA-CEA4ED72A72D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "E5865312-86A6-4BF1-906F-14821A825F26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "C9265E7A-ADEE-4A3D-9D93-5B023B1BC7B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "042D3A19-2F4D-45D4-97A4-C1EC6352F389",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A473F59-33D8-4496-AE7E-8804C6CEA79D",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "6155F5C7-08ED-4E89-9981-1C6892C7B950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "7FA3C044-3E22-4913-AD5F-C16D8E69064A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "CC828D69-7ADF-4F91-8AAA-573F8E755BCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "2D79EEB5-1D2B-406F-80F4-411B8D1082E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "21ED963D-F796-48B7-B8B9-16AF04121DAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "E475B23E-4828-4D9A-8C8C-98735A08C7DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CCB33B3-1035-4F6D-AF86-2BFF75B3E5AD",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C1AAC1-9404-415A-BE58-0E8E4FBEEB3A",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "561E3C54-4B3A-45DD-A72F-A080343257D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "41E9AFDB-185C-40F8-B538-B11C157CACA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "91598B5F-2FB1-4FE3-8736-14A5F20FEFAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "37DBEC42-49E4-41FF-A5CF-B2C1769BD7A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "BA170BC1-505E-49FE-AD37-B5FAC70C9ECD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "2EA52E3C-349A-4A6F-8167-40343BCF60EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "281403D0-773D-4F37-83EE-F62EF96B3B72",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE23E4A6-B8B4-4738-9C4F-8F037EAE1F02",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC152A60-A74C-462A-88BA-28EC5922BFF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "306D8178-9362-4E83-8CBC-7FE594875418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "EB950A9D-3444-45EA-BDEE-DC0814FFC820",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "5FD91B30-E127-49B7-BFC0-20F5AFA04156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "0B8A00CA-1577-4674-AAF7-335D3846CED4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "3C5937EE-EA57-4918-A5B8-FD8C05D7D39C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5236265-D881-42BA-9064-F25EFE81C126",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B79C6D1-3FE4-400B-B2E9-8247D73A74A8",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "4D7F8FE6-7124-4CC1-BBD7-DDD9DB329877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "2CE86895-3244-4B6D-BEBA-BF74468F5BC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "110D8D98-9715-42DD-A967-0728A9D3C422",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "3E9F83DD-1DC7-450B-82F6-5ACEE37FF701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "26D3BEF3-E29F-402F-B1ED-B7B74BA2E196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "6E4231B1-DA7E-4D80-B3E6-401CDA1E24F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D713731-3970-4A12-86FE-B8D566FE47FF",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BFC319D-3B14-4D84-98E2-5ACFDA0D5857",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "660DC6C0-93E8-458A-A36F-990178A085BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "89D16C83-F321-4E5A-B0BB-7458AE3093EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "380EA379-85B3-496E-8267-9267713FF9C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "3D137802-A48A-4199-825A-CE32BE8046CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "D9561C89-6109-450D-B8FB-C8FDC52EDF40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "A93822CD-4242-4C37-8F7D-B89F02711D7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82654D85-8BE0-43CF-B117-3F13A4B776DA",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5AA87AA-CD1A-4E72-ACC4-3DA37F1BB6DA",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "E25445A5-B5D8-4321-8CEF-4C48875A0864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "0E6DD4A4-4496-4CE7-8A7D-420ABAF9B5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "80914B19-88A2-4B91-915C-AB2E88F8BA68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "140C82AC-5146-453A-8F54-80DEBC3E47C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "C8C3C7E6-9A71-4100-AF8F-E258ACA87DC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "F364FFC1-129E-4044-AA1D-7616A9DA9742",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EABB97D1-1B3F-495C-AA84-BEF5F9B49737",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6C0CF36-056F-40B2-A37D-5FBAC1474C91",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "C3EAFEA9-B710-476A-9274-ABA1D0530FB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "81C43AC9-9572-46C5-87A9-A0482B166949",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "05CE7A90-A4D7-4DC8-9E40-A00E8A73383D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "B5392AD7-A914-4E49-A427-24A1C025CE13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "5B3B7585-DBD6-4B7E-A531-5AF06CA9A26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "3928B719-73A2-4F4F-B99E-3B20E73A56BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DF7CA5-58AC-4A5A-BE8B-E4980954F574",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B19D361-EC13-404E-BEB3-2FE57F08D21C",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "FA6D1B1F-9243-47B8-8524-5FA0DB2BD25E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "B135D9F2-BC26-4B4C-9311-8E5462C0D990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "98DDA9FF-BFCA-46B1-B54B-E66DF37EA3D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "46168539-16F5-4D68-8C60-231DC7304DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "7B2C13FC-4A5A-487D-93DC-51C350461326",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "BEDABC39-977F-4D10-9CD7-BC28C9AFEE15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB7A1F6-2E72-4FCD-938A-0C52615770A1",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4C0EC8B-AB4D-4457-8781-9F80B0DDD5AC",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "EE591064-DF44-4838-A9AA-CB33EBFD0ADB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "5492BACB-7266-42C7-9CCB-8274CE283F37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "B56659EF-E0D2-4274-9E77-E3B584CF8985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "4EC093A4-BA4F-40EF-8279-5D93EF131B80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "EE3FF6AC-7BF4-42B9-976E-F326F01F8BB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "1C4AF4BD-FDD2-42B4-BA95-4D5A4A45E243",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD3A9176-70E0-4E5B-B93E-76E6B436ECF8",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "534284B2-1FC8-4769-98DB-83D0A03F0FB5",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "774ECB69-5F65-4B81-9FAE-474C4181B211",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "5BDCB0E8-94D5-4B20-B4CC-A49A086FDD38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "A2F4D185-AE08-47BF-B480-BFBEE290FD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "A9FD757D-7C65-44E3-B995-186D4670021F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "EB319ED0-52D3-4FB6-86DD-727A1601CAD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "65CC7B3C-B657-4996-9B84-148624669C8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42E60917-B217-41C4-9455-BC8B67FB1218",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE16F299-6B74-4317-A0B4-451FD090BF53",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "544CAF10-0F4D-4DCF-99A4-16BF26DB8294",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "A5C9A263-245B-4F94-B6FE-46C6C9DE33A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "55A5BD6E-CC23-4DFA-BE89-1B7164CA003A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "8145A49C-E53C-448E-AAEF-3AFE870F833A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "6B517CAC-2BAD-4CD0-9157-57349E0365D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "30386BAE-5D66-4447-A432-774EEF99B185",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7830DB26-7308-4FBD-A81F-69419EB88871",
              "versionEndExcluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1BA9423-4C0D-4932-9802-51DCDC91F0A5",
              "versionEndExcluding": "12.1.2",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:ssl_orchestrator:11.6.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "42625AC5-88A6-4721-A5EC-31B0EAF5E96C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:ssl_orchestrator:12.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "76A3DDE3-905D-4A31-A7A9-3E747D2326CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:ssl_orchestrator:12.1.2:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "2B3C08CC-F5B4-453F-B0BA-48930614C1E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:ssl_orchestrator:13.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "3E7E08B3-6B94-4B91-8689-61762267B648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:ssl_orchestrator:13.0.0:hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "69BFCE0C-D4C9-4C0E-8EEA-FA1BAEF73320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:ssl_orchestrator:13.0.0:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "7CEE3D81-4668-4ED1-AF87-96ECE7C7A0BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle. Similar error messages when PMS starts with 0 byte coupled with very precise timing measurement observation may also expose this vulnerability."
    },
    {
      "lang": "es",
      "value": "En las versiones 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1 y 11.6.1-11.6.2, las plataformas BIG-IP con tarjetas de aceleraci\u00f3n de hardware Cavium Nitrox SSL, un Servidor Virtual configurado con un perfil SSL de Cliente, y el uso de intercambio de Claves Diffie-Hellman de Anonymous (ADH) o Ephemeral (DHE) y la opci\u00f3n de uso Single DH no habilitada en la lista de opciones puede ser vulnerable a protocolos de enlace SSL/TLS dise\u00f1ados que pueden resultar con un PMS (Pre-Master Secret) que comienza en un byte 0 y puede conllevar a la recuperaci\u00f3n de mensajes de texto plano, ya que BIG-IP TLS/SSL ADH/DHE env\u00eda diferentes mensajes de error que act\u00faan como un or\u00e1culo. Los mensajes de error similares cuando PMS comienza con 0 bytes junto con una observaci\u00f3n de medici\u00f3n de tiempo muy precisa tambi\u00e9n pueden exponer esta vulnerabilidad"
    }
  ],
  "id": "CVE-2020-5929",
  "lastModified": "2024-11-21T05:34:50.820",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-25T14:15:13.970",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K91158923"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K91158923"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.