VAR-202004-2107
Vulnerability from variot - Updated: 2023-12-18 11:58On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, in BIG-IP APM portal access, a specially crafted HTTP request can lead to reflected XSS after the BIG-IP APM system rewrites the HTTP response from the untrusted backend server and sends it to the client. BIG-IP APM portal access Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with. F5 BIG-IP APM is a set of access and security solutions from F5 Corporation of the United States. The product provides unified access to business-critical applications and networks. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-2107",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0.1"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1.2"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "14.1.0 \u304b\u3089 14.1.2.3"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "15.0.0 \u304b\u3089 15.0.1.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "15.1.0 \u304b\u3089 15.1.0.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.79.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.97.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.3.0.99.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.15.5"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.36.5"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.5.0.40.5"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.11.9"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.14.9"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.68.9"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.0.6.0.70.9"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.11.37"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.18.37"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.0.32.37"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.14.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.16.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.34.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.46.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.97.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.99.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.105.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.111.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.115.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.1.0.122.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "14.1.2.3"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.0.1.0.33.11"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.0.1.0.48.11"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.0.1.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.0.1.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.1,
"vendor": "f5",
"version": "15.1.0.1"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "NVD",
"id": "CVE-2020-5889"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1.2",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.1.0.1",
"versionStartIncluding": "15.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5889"
}
]
},
"cve": "CVE-2020-5889",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-004835",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-184014",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2020-5889",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2020-004835",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-5889",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-004835",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2463",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-184014",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2020-5889",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184014"
},
{
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, in BIG-IP APM portal access, a specially crafted HTTP request can lead to reflected XSS after the BIG-IP APM system rewrites the HTTP response from the untrusted backend server and sends it to the client. BIG-IP APM portal access Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with. F5 BIG-IP APM is a set of access and security solutions from F5 Corporation of the United States. The product provides unified access to business-critical applications and networks. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "VULHUB",
"id": "VHN-184014"
},
{
"db": "VULMON",
"id": "CVE-2020-5889"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-5889",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2463",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.1551.5",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1551",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-184014",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-5889",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184014"
},
{
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"id": "VAR-202004-2107",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-184014"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:58:28.515000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "K24415506",
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k24415506"
},
{
"title": "F5 BIG-IP APM Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=117542"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184014"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "NVD",
"id": "CVE-2020-5889"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k24415506"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-5889"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5889"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1551.5/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1551/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/f5-big-ip-apm-cross-site-scripting-32146"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181273"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184014"
},
{
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-184014"
},
{
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-30T00:00:00",
"db": "VULHUB",
"id": "VHN-184014"
},
{
"date": "2020-04-30T00:00:00",
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"date": "2020-05-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"date": "2020-04-30T21:15:17.353000",
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"date": "2020-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-05T00:00:00",
"db": "VULHUB",
"id": "VHN-184014"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2020-5889"
},
{
"date": "2020-05-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004835"
},
{
"date": "2020-05-05T15:47:22.850000",
"db": "NVD",
"id": "CVE-2020-5889"
},
{
"date": "2020-09-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BIG-IP APM portal access Cross-site scripting vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004835"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2463"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…