var-202004-2107
Vulnerability from variot
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, in BIG-IP APM portal access, a specially crafted HTTP request can lead to reflected XSS after the BIG-IP APM system rewrites the HTTP response from the untrusted backend server and sends it to the client. BIG-IP APM portal access Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with. F5 BIG-IP APM is a set of access and security solutions from F5 Corporation of the United States. The product provides unified access to business-critical applications and networks. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-2107",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0.1"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1.2"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "14.1.0 \u304b\u3089 14.1.2.3"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "15.0.0 \u304b\u3089 15.0.1.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "15.1.0 \u304b\u3089 15.1.0.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.0.1.0.33.11"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.0.1.0.48.11"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.0.1.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.0.1.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.1.0.1"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "NVD",
"id": "CVE-2020-5889"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1.2",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.1.0.1",
"versionStartIncluding": "15.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5889"
}
]
},
"cve": "CVE-2020-5889",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-004835",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-184014",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2020-5889",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2020-004835",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-5889",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-004835",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2463",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-184014",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2020-5889",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184014"
},
{
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, in BIG-IP APM portal access, a specially crafted HTTP request can lead to reflected XSS after the BIG-IP APM system rewrites the HTTP response from the untrusted backend server and sends it to the client. BIG-IP APM portal access Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with. F5 BIG-IP APM is a set of access and security solutions from F5 Corporation of the United States. The product provides unified access to business-critical applications and networks. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "VULHUB",
"id": "VHN-184014"
},
{
"db": "VULMON",
"id": "CVE-2020-5889"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-5889",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2463",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.1551.5",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1551",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-184014",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-5889",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184014"
},
{
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"id": "VAR-202004-2107",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-184014"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:58:28.515000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "K24415506",
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k24415506"
},
{
"title": "F5 BIG-IP APM Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=117542"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184014"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "NVD",
"id": "CVE-2020-5889"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k24415506"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-5889"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5889"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1551.5/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1551/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/f5-big-ip-apm-cross-site-scripting-32146"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181273"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184014"
},
{
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-184014"
},
{
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-30T00:00:00",
"db": "VULHUB",
"id": "VHN-184014"
},
{
"date": "2020-04-30T00:00:00",
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"date": "2020-05-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"date": "2020-04-30T21:15:17.353000",
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"date": "2020-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-05T00:00:00",
"db": "VULHUB",
"id": "VHN-184014"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"date": "2020-05-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"date": "2020-05-05T15:47:22.850000",
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"date": "2020-09-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BIG-IP APM portal access Cross-site scripting vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.