var-202008-0941
Vulnerability from variot
In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, undisclosed internally generated UDP traffic may cause the Traffic Management Microkernel (TMM) to restart under some circumstances. plural BIG-IP The product contains an exceptional condition check vulnerability.Service operation interruption (DoS) It may be put into a state. F5 BIG-IP is a F5 load balancing device.
F5 BIG-IP has security loopholes in processing UDP protocol data. Remote attackers can use this loophole to submit special requests to restart TMM and cause denial of service attacks. BIG-IP version 15.1.0 to 15.1.0.4, version 15.0.0 to 15.0.1.3, version 14.1.0 to 14.1.2.3, version 13.1.0 to 13.1.3.3, 12.1.0 Versions up to 12.1.5.1 and versions between 11.6.1 and 11.6.5.1 have security vulnerabilities
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202008-0941", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "big-ip domain name system", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "12.1.5.2" }, { "model": "big-ip policy enforcement manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "11.6.5.2" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip advanced firewall manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.1.0.5" }, { "model": "big-ip analytics", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "11.6.5.2" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip domain name system", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "13.1.3.4" }, { "model": "big-ip domain name system", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "14.1.2.7" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip fraud protection service", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "13.1.3.4" }, { "model": "big-ip global traffic manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "11.6.5.2" }, { "model": "big-ip analytics", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "12.1.5.2" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip policy enforcement manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "13.1.3.4" }, { "model": "big-ip application acceleration manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "13.1.3.4" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip advanced firewall manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.0.1.4" }, { "model": "big-ip analytics", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "13.1.3.4" }, { "model": "big-ip analytics", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "14.1.2.7" }, { "model": "big-ip local traffic manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "11.6.5.2" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip global traffic manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "13.1.3.4" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip access policy manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "11.6.5.2" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip advanced firewall manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "11.6.5.2" }, { "model": "big-ip fraud protection service", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.1.0.5" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip local traffic manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "13.1.3.4" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip policy enforcement manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.1.0.5" }, { "model": "big-ip application acceleration manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.1.0.5" }, { "model": "big-ip access policy manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "13.1.3.4" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip advanced firewall manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "13.1.3.4" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip application security manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "13.1.3.4" }, { "model": "big-ip fraud protection service", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.0.1.4" }, { "model": "big-ip global traffic manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.1.0.5" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip link controller", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "11.6.5.2" }, { "model": "big-ip policy enforcement manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.0.1.4" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip application acceleration manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.0.1.4" }, { "model": "big-ip local traffic manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.1.0.5" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip fraud protection service", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "11.6.5.2" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip global traffic manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.0.1.4" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip access policy manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.1.0.5" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip application acceleration manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "11.6.5.2" }, { "model": "big-ip link controller", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "13.1.3.4" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip application security manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.1.0.5" }, { "model": "big-ip fraud protection service", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "12.1.5.2" }, { "model": "big-ip local traffic manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.0.1.4" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip fraud protection service", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "14.1.2.7" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip policy enforcement manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "12.1.5.2" }, { "model": "big-ip application acceleration manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "12.1.5.2" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip access policy manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.0.1.4" }, { "model": "big-ip policy enforcement manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "14.1.2.7" }, { "model": "big-ip application acceleration manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "14.1.2.7" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip application security manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.0.1.4" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip global traffic manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "12.1.5.2" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip link controller", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.1.0.5" }, { "model": "big-ip global traffic manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "14.1.2.7" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip local traffic manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "12.1.5.2" }, { "model": "big-ip application security manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "11.6.5.2" }, { "model": "big-ip domain name system", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.1.0.5" }, { "model": "big-ip local traffic manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "14.1.2.7" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip access policy manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "12.1.5.2" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip link controller", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.0.1.4" }, { "model": "big-ip advanced firewall manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "12.1.5.2" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip access policy manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "14.1.2.7" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip application security manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "12.1.5.2" }, { "model": "big-ip advanced firewall manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "14.1.2.7" }, { "model": "big-ip application security manager", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "14.1.2.7" }, { "model": "big-ip analytics", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.1.0.5" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip domain name system", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.0.1.4" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "12.1.0" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.0.0" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip domain name system", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "11.6.5.2" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip analytics", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "15.0.1.4" }, { "model": "big-ip link controller", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "12.1.5.2" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip link controller", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "14.1.2.7" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip access policy manager", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip advanced firewall manager", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip analytics", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip application acceleration manager", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip application security manager", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip domain name system", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip fraud protection service", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip global traffic manager", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip link controller", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip local traffic manager", "scope": null, "trust": 0.8, "vendor": "f5", "version": null }, { "model": "big-ip", "scope": "gte", "trust": 0.6, "vendor": "f5", "version": "14.1.0,\u003c=14.1.2.3" }, { "model": "big-ip", "scope": "gte", "trust": 0.6, "vendor": "f5", "version": "13.1.0,\u003c=13.1.3.3" }, { "model": "big-ip", "scope": "gte", "trust": 0.6, "vendor": "f5", "version": "12.1.0,\u003c=12.1.5.1" }, { "model": "big-ip", "scope": "gte", "trust": 0.6, "vendor": "f5", "version": "11.6.1,\u003c=11.6.5.1" }, { "model": "big-ip", "scope": "gte", "trust": 0.6, "vendor": "f5", "version": "15.1.0,\u003c=15.1.0.4" }, { "model": "big-ip", "scope": "gte", "trust": 0.6, "vendor": "f5", "version": "15.0.0,\u003c=15.0.1.3" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-50115" }, { "db": "JVNDB", "id": "JVNDB-2020-008725" }, { "db": "NVD", "id": "CVE-2020-5925" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:f5:big-ip_access_policy_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_advanced_firewall_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_analytics", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_application_acceleration_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_application_security_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_domain_name_system", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_fraud_protection_service", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_global_traffic_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_link_controller", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_local_traffic_manager", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-008725" } ] }, "cve": "CVE-2020-5925", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2020-5925", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.0, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 4.3, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2020-008725", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CNVD-2020-50115", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "VHN-184050", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2020-5925", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2020-008725", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2020-5925", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2020-008725", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2020-50115", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202008-1222", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-184050", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-50115" }, { "db": "VULHUB", "id": "VHN-184050" }, { "db": "JVNDB", "id": "JVNDB-2020-008725" }, { "db": "CNNVD", "id": "CNNVD-202008-1222" }, { "db": "NVD", "id": "CVE-2020-5925" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, undisclosed internally generated UDP traffic may cause the Traffic Management Microkernel (TMM) to restart under some circumstances. plural BIG-IP The product contains an exceptional condition check vulnerability.Service operation interruption (DoS) It may be put into a state. F5 BIG-IP is a F5 load balancing device. \n\r\n\r\nF5 BIG-IP has security loopholes in processing UDP protocol data. Remote attackers can use this loophole to submit special requests to restart TMM and cause denial of service attacks. BIG-IP version 15.1.0 to 15.1.0.4, version 15.0.0 to 15.0.1.3, version 14.1.0 to 14.1.2.3, version 13.1.0 to 13.1.3.3, 12.1.0 Versions up to 12.1.5.1 and versions between 11.6.1 and 11.6.5.1 have security vulnerabilities", "sources": [ { "db": "NVD", "id": "CVE-2020-5925" }, { "db": "JVNDB", "id": "JVNDB-2020-008725" }, { "db": "CNVD", "id": "CNVD-2020-50115" }, { "db": "VULHUB", "id": "VHN-184050" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-5925", "trust": 3.1 }, { "db": "JVNDB", "id": "JVNDB-2020-008725", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-50115", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202008-1222", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.2928.2", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.2928", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.2928.3", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-184050", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-50115" }, { "db": "VULHUB", "id": "VHN-184050" }, { "db": "JVNDB", "id": "JVNDB-2020-008725" }, { "db": "CNNVD", "id": "CNNVD-202008-1222" }, { "db": "NVD", "id": "CVE-2020-5925" } ] }, "id": "VAR-202008-0941", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-50115" }, { "db": "VULHUB", "id": "VHN-184050" } ], "trust": 1.1615448 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "IoT" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-50115" } ] }, "last_update_date": "2024-11-23T23:11:18.344000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "K45421311", "trust": 0.8, "url": "https://support.f5.com/csp/article/K45421311" }, { "title": "Patch for F5 BIG-IP UDP request denial of service vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/232786" }, { "title": "BIG-IP Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=127301" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-50115" }, { "db": "JVNDB", "id": "JVNDB-2020-008725" }, { "db": "CNNVD", "id": "CNNVD-202008-1222" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-754", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-184050" }, { "db": "JVNDB", "id": "JVNDB-2020-008725" }, { "db": "NVD", "id": "CVE-2020-5925" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-5925" }, { "trust": 1.7, "url": "https://support.f5.com/csp/article/k45421311" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5925" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/f5-big-ip-denial-of-service-via-udp-33160" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2928/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2928.2/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2928.3/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-50115" }, { "db": "VULHUB", "id": "VHN-184050" }, { "db": "JVNDB", "id": "JVNDB-2020-008725" }, { "db": "CNNVD", "id": "CNNVD-202008-1222" }, { "db": "NVD", "id": "CVE-2020-5925" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-50115" }, { "db": "VULHUB", "id": "VHN-184050" }, { "db": "JVNDB", "id": "JVNDB-2020-008725" }, { "db": "CNNVD", "id": "CNNVD-202008-1222" }, { "db": "NVD", "id": "CVE-2020-5925" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-09-02T00:00:00", "db": "CNVD", "id": "CNVD-2020-50115" }, { "date": "2020-08-26T00:00:00", "db": "VULHUB", "id": "VHN-184050" }, { "date": "2020-09-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-008725" }, { "date": "2020-08-26T00:00:00", "db": "CNNVD", "id": "CNNVD-202008-1222" }, { "date": "2020-08-26T16:15:12.887000", "db": "NVD", "id": "CVE-2020-5925" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-09-02T00:00:00", "db": "CNVD", "id": "CNVD-2020-50115" }, { "date": "2020-08-31T00:00:00", "db": "VULHUB", "id": "VHN-184050" }, { "date": "2020-09-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-008725" }, { "date": "2020-10-22T00:00:00", "db": "CNNVD", "id": "CNNVD-202008-1222" }, { "date": "2024-11-21T05:34:50.353000", "db": "NVD", "id": "CVE-2020-5925" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202008-1222" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural BIG-IP Product Exceptional State Check Vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-008725" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202008-1222" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.