Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-5871 (GCVE-0-2020-5871)
Vulnerability from cvelistv5 – Published: 2020-04-30 19:49 – Updated: 2024-08-04 08:47
VLAI?
EPSS
Summary
On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure.
Severity ?
No CVSS data available.
CWE
- DoS
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:47:40.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K43450419"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "14.1.0-14.1.2.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-30T19:49:40",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.f5.com/csp/article/K43450419"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2020-5871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP",
"version": {
"version_data": [
{
"version_value": "14.1.0-14.1.2.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K43450419",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K43450419"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2020-5871",
"datePublished": "2020-04-30T19:49:40",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:47:40.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.2.3\", \"matchCriteriaId\": \"07FC84CA-3E12-43FB-ADBD-7B988DEF3A97\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.2.3\", \"matchCriteriaId\": \"5BEE162F-A016-4EDB-A7D1-1F87945EED3E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.2.3\", \"matchCriteriaId\": \"7F553CD8-01FF-4616-A32C-4F4B5844A6FD\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.2.3\", \"matchCriteriaId\": \"547D6BFB-5DE8-4027-88EF-0349400494D1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.2.3\", \"matchCriteriaId\": \"7881BC1C-1B10-43D4-AD4A-545D7C7C4160\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.2.3\", \"matchCriteriaId\": \"17DCA2C1-FD7A-430F-AD7C-4AB2DF7E233E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.2.3\", \"matchCriteriaId\": \"F6DFBD76-20DB-497D-B407-1EAA5555B49F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.2.3\", \"matchCriteriaId\": \"64B21CD4-4D50-45EC-8297-D54A1BBC6521\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.2.3\", \"matchCriteriaId\": \"DA369F2E-2E17-4BEA-B894-14656D977B93\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.2.3\", \"matchCriteriaId\": \"7E0B6F31-DC75-49C9-9E59-EF1CD68B1B3D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.2.3\", \"matchCriteriaId\": \"8D806FBF-8E6D-412C-B547-92AD9294B639\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure.\"}, {\"lang\": \"es\", \"value\": \"En BIG-IP versiones 14.1.0 hasta 14.1.2.3, las peticiones no reveladas pueden conllevar a una denegaci\\u00f3n de servicio (DoS) cuando son enviadas hacia los servidores virtuales HTTP/2 de BIG-IP. El problema puede ocurrir cuando los cifrados, que han sido puestos en una lista negra por el RFC HTTP/2, son usados en los servidores de backend. Este es un problema del plano de datos. No hay una exposici\\u00f3n del plano de control.\"}]",
"id": "CVE-2020-5871",
"lastModified": "2024-11-21T05:34:44.380",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-04-30T20:15:12.480",
"references": "[{\"url\": \"https://support.f5.com/csp/article/K43450419\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.f5.com/csp/article/K43450419\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-5871\",\"sourceIdentifier\":\"f5sirt@f5.com\",\"published\":\"2020-04-30T20:15:12.480\",\"lastModified\":\"2024-11-21T05:34:44.380\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure.\"},{\"lang\":\"es\",\"value\":\"En BIG-IP versiones 14.1.0 hasta 14.1.2.3, las peticiones no reveladas pueden conllevar a una denegaci\u00f3n de servicio (DoS) cuando son enviadas hacia los servidores virtuales HTTP/2 de BIG-IP. El problema puede ocurrir cuando los cifrados, que han sido puestos en una lista negra por el RFC HTTP/2, son usados en los servidores de backend. Este es un problema del plano de datos. No hay una exposici\u00f3n del plano de control.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.2.3\",\"matchCriteriaId\":\"07FC84CA-3E12-43FB-ADBD-7B988DEF3A97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.2.3\",\"matchCriteriaId\":\"5BEE162F-A016-4EDB-A7D1-1F87945EED3E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.2.3\",\"matchCriteriaId\":\"7F553CD8-01FF-4616-A32C-4F4B5844A6FD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.2.3\",\"matchCriteriaId\":\"547D6BFB-5DE8-4027-88EF-0349400494D1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.2.3\",\"matchCriteriaId\":\"7881BC1C-1B10-43D4-AD4A-545D7C7C4160\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.2.3\",\"matchCriteriaId\":\"17DCA2C1-FD7A-430F-AD7C-4AB2DF7E233E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.2.3\",\"matchCriteriaId\":\"F6DFBD76-20DB-497D-B407-1EAA5555B49F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.2.3\",\"matchCriteriaId\":\"64B21CD4-4D50-45EC-8297-D54A1BBC6521\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.2.3\",\"matchCriteriaId\":\"DA369F2E-2E17-4BEA-B894-14656D977B93\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.2.3\",\"matchCriteriaId\":\"7E0B6F31-DC75-49C9-9E59-EF1CD68B1B3D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.2.3\",\"matchCriteriaId\":\"8D806FBF-8E6D-412C-B547-92AD9294B639\"}]}]}],\"references\":[{\"url\":\"https://support.f5.com/csp/article/K43450419\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K43450419\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
GHSA-V5F3-28PP-96GJ
Vulnerability from github – Published: 2022-05-24 17:17 – Updated: 2022-05-24 17:17
VLAI?
Details
On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure.
{
"affected": [],
"aliases": [
"CVE-2020-5871"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-04-30T20:15:00Z",
"severity": "MODERATE"
},
"details": "On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure.",
"id": "GHSA-v5f3-28pp-96gj",
"modified": "2022-05-24T17:17:00Z",
"published": "2022-05-24T17:17:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5871"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K43450419"
}
],
"schema_version": "1.4.0",
"severity": []
}
CERTFR-2020-AVI-255
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans F5 BIG-IP. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| F5 | BIG-IP | BIG-IP 14.x versions antérieures à 14.1.2.4 | ||
| F5 | BIG-IP | BIG-IP 15.x versions antérieures à 15.1.0.2 et 15.0.1.3 | ||
| F5 | BIG-IP | BIG-IP 13.x toutes versions | ||
| F5 | BIG-IP | BIG-IP 12.x versions antérieures à 12.1.5.1 | ||
| F5 | BIG-IP | BIG-IP produit APM 14.x versions antérieures à 14.0.1.1 | ||
| F5 | BIG-IP | BIG-IP 11.x toutes versions |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BIG-IP 14.x versions ant\u00e9rieures \u00e0 14.1.2.4",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP 15.x versions ant\u00e9rieures \u00e0 15.1.0.2 et 15.0.1.3",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP 13.x toutes versions",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP 12.x versions ant\u00e9rieures \u00e0 12.1.5.1",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP produit APM 14.x versions ant\u00e9rieures \u00e0 14.0.1.1",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP 11.x toutes versions",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-5876",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5876"
},
{
"name": "CVE-2020-5871",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5871"
},
{
"name": "CVE-2020-5874",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5874"
},
{
"name": "CVE-2020-5888",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5888"
},
{
"name": "CVE-2020-5875",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5875"
},
{
"name": "CVE-2020-5884",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5884"
},
{
"name": "CVE-2020-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5889"
},
{
"name": "CVE-2020-5880",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5880"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 du 30 avril 2020",
"url": "https://support.f5.com/csp/article/K46901953?utm_source=f5support\u0026utm_medium=RSS"
}
],
"reference": "CERTFR-2020-AVI-255",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-04-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans F5 BIG-IP.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni\nde service \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans F5 BIG-IP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 du 30 avril 2020",
"url": null
}
]
}
CERTFR-2020-AVI-255
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans F5 BIG-IP. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| F5 | BIG-IP | BIG-IP 14.x versions antérieures à 14.1.2.4 | ||
| F5 | BIG-IP | BIG-IP 15.x versions antérieures à 15.1.0.2 et 15.0.1.3 | ||
| F5 | BIG-IP | BIG-IP 13.x toutes versions | ||
| F5 | BIG-IP | BIG-IP 12.x versions antérieures à 12.1.5.1 | ||
| F5 | BIG-IP | BIG-IP produit APM 14.x versions antérieures à 14.0.1.1 | ||
| F5 | BIG-IP | BIG-IP 11.x toutes versions |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BIG-IP 14.x versions ant\u00e9rieures \u00e0 14.1.2.4",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP 15.x versions ant\u00e9rieures \u00e0 15.1.0.2 et 15.0.1.3",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP 13.x toutes versions",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP 12.x versions ant\u00e9rieures \u00e0 12.1.5.1",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP produit APM 14.x versions ant\u00e9rieures \u00e0 14.0.1.1",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP 11.x toutes versions",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-5876",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5876"
},
{
"name": "CVE-2020-5871",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5871"
},
{
"name": "CVE-2020-5874",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5874"
},
{
"name": "CVE-2020-5888",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5888"
},
{
"name": "CVE-2020-5875",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5875"
},
{
"name": "CVE-2020-5884",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5884"
},
{
"name": "CVE-2020-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5889"
},
{
"name": "CVE-2020-5880",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5880"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 du 30 avril 2020",
"url": "https://support.f5.com/csp/article/K46901953?utm_source=f5support\u0026utm_medium=RSS"
}
],
"reference": "CERTFR-2020-AVI-255",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-04-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans F5 BIG-IP.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni\nde service \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans F5 BIG-IP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 du 30 avril 2020",
"url": null
}
]
}
FKIE_CVE-2020-5871
Vulnerability from fkie_nvd - Published: 2020-04-30 20:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure.
References
| URL | Tags | ||
|---|---|---|---|
| f5sirt@f5.com | https://support.f5.com/csp/article/K43450419 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K43450419 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07FC84CA-3E12-43FB-ADBD-7B988DEF3A97",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEE162F-A016-4EDB-A7D1-1F87945EED3E",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F553CD8-01FF-4616-A32C-4F4B5844A6FD",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "547D6BFB-5DE8-4027-88EF-0349400494D1",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7881BC1C-1B10-43D4-AD4A-545D7C7C4160",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17DCA2C1-FD7A-430F-AD7C-4AB2DF7E233E",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6DFBD76-20DB-497D-B407-1EAA5555B49F",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64B21CD4-4D50-45EC-8297-D54A1BBC6521",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA369F2E-2E17-4BEA-B894-14656D977B93",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0B6F31-DC75-49C9-9E59-EF1CD68B1B3D",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D806FBF-8E6D-412C-B547-92AD9294B639",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure."
},
{
"lang": "es",
"value": "En BIG-IP versiones 14.1.0 hasta 14.1.2.3, las peticiones no reveladas pueden conllevar a una denegaci\u00f3n de servicio (DoS) cuando son enviadas hacia los servidores virtuales HTTP/2 de BIG-IP. El problema puede ocurrir cuando los cifrados, que han sido puestos en una lista negra por el RFC HTTP/2, son usados en los servidores de backend. Este es un problema del plano de datos. No hay una exposici\u00f3n del plano de control."
}
],
"id": "CVE-2020-5871",
"lastModified": "2024-11-21T05:34:44.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-30T20:15:12.480",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K43450419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K43450419"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2020-5871
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-5871",
"description": "On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure.",
"id": "GSD-2020-5871"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-5871"
],
"details": "On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure.",
"id": "GSD-2020-5871",
"modified": "2023-12-13T01:22:03.331007Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2020-5871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP",
"version": {
"version_data": [
{
"version_value": "14.1.0-14.1.2.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K43450419",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K43450419"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2020-5871"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K43450419",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K43450419"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2020-05-05T16:02Z",
"publishedDate": "2020-04-30T20:15Z"
}
}
}
VAR-202004-2015
Vulnerability from variot - Updated: 2023-12-18 14:00On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure. BIG-IP There is an unspecified vulnerability in.Service operation interruption (DoS) It may be put into a state. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. A security vulnerability exists in F5 BIG-IP versions 14.1.0 through 14.1.2.3. A remote attacker could exploit this vulnerability to cause a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-2015",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip access policy manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip analytics",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip application security manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip domain name system",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip global traffic manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip link controller",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip local traffic manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-5871"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004817"
},
{
"db": "NVD",
"id": "CVE-2020-5871"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5871"
}
]
},
"cve": "CVE-2020-5871",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-004817",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-183996",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-5871",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-004817",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-5871",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-004817",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2470",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-183996",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-5871",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-183996"
},
{
"db": "VULMON",
"id": "CVE-2020-5871"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004817"
},
{
"db": "NVD",
"id": "CVE-2020-5871"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2470"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure. BIG-IP There is an unspecified vulnerability in.Service operation interruption (DoS) It may be put into a state. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. A security vulnerability exists in F5 BIG-IP versions 14.1.0 through 14.1.2.3. A remote attacker could exploit this vulnerability to cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5871"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004817"
},
{
"db": "VULHUB",
"id": "VHN-183996"
},
{
"db": "VULMON",
"id": "CVE-2020-5871"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-5871",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004817",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2470",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.1561",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-183996",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-5871",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-183996"
},
{
"db": "VULMON",
"id": "CVE-2020-5871"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004817"
},
{
"db": "NVD",
"id": "CVE-2020-5871"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2470"
}
]
},
"id": "VAR-202004-2015",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-183996"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:00:31.253000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "K43450419",
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k43450419"
},
{
"title": "F5 BIG-IP Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=117545"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004817"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2470"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5871"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k43450419"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-5871"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5871"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/f5-big-ip-denial-of-service-via-http-2-32138"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1561/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181312"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-183996"
},
{
"db": "VULMON",
"id": "CVE-2020-5871"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004817"
},
{
"db": "NVD",
"id": "CVE-2020-5871"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2470"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-183996"
},
{
"db": "VULMON",
"id": "CVE-2020-5871"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004817"
},
{
"db": "NVD",
"id": "CVE-2020-5871"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2470"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-30T00:00:00",
"db": "VULHUB",
"id": "VHN-183996"
},
{
"date": "2020-04-30T00:00:00",
"db": "VULMON",
"id": "CVE-2020-5871"
},
{
"date": "2020-05-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004817"
},
{
"date": "2020-04-30T20:15:12.480000",
"db": "NVD",
"id": "CVE-2020-5871"
},
{
"date": "2020-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2470"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-05T00:00:00",
"db": "VULHUB",
"id": "VHN-183996"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2020-5871"
},
{
"date": "2020-05-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004817"
},
{
"date": "2020-05-05T16:02:56.297000",
"db": "NVD",
"id": "CVE-2020-5871"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2470"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2470"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BIG-IP Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004817"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2470"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…