CVE-2020-27715
HIGH
7,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
HIGH
7,8
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: none
Integrity: none
Availability: complete
Description
AI Translation Available
On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, crafted TLS request to the BIG-IP management interface via port 443 can cause high (~100%) CPU utilization by the httpd daemon.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0061
Percentile
0,7th
Updated
EPSS Score Trend (Last 90 Days)
Application
Big-Ip Fraud Protection Service by F5
Version Range Affected
From
15.0.0
(inclusive)
To
15.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Link Controller by F5
Version Range Affected
From
14.1.0
(inclusive)
To
14.1.3.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Global Traffic Manager by F5
Version Range Affected
From
15.0.0
(inclusive)
To
15.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Access Policy Manager by F5
Version Range Affected
From
15.0.0
(inclusive)
To
15.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Analytics by F5
Version Range Affected
From
14.1.0
(inclusive)
To
14.1.3.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Application Acceleration Manager by F5
Version Range Affected
From
15.0.0
(inclusive)
To
15.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Link Controller by F5
Version Range Affected
From
15.0.0
(inclusive)
To
15.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Analytics by F5
Version Range Affected
From
15.0.0
(inclusive)
To
15.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Local Traffic Manager by F5
Version Range Affected
From
15.0.0
(inclusive)
To
15.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Application Acceleration Manager by F5
Version Range Affected
From
14.1.0
(inclusive)
To
14.1.3.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Policy Enforcement Manager by F5
Version Range Affected
From
14.1.0
(inclusive)
To
14.1.3.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Domain Name System by F5
Version Range Affected
From
15.0.0
(inclusive)
To
15.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Advanced Firewall Manager by F5
Version Range Affected
From
14.1.0
(inclusive)
To
14.1.3.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Fraud Protection Service by F5
Version Range Affected
From
14.1.0
(inclusive)
To
14.1.3.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Domain Name System by F5
Version Range Affected
From
14.1.0
(inclusive)
To
14.1.3.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Application Security Manager by F5
Version Range Affected
From
14.1.0
(inclusive)
To
14.1.3.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Application Security Manager by F5
Version Range Affected
From
15.0.0
(inclusive)
To
15.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Policy Enforcement Manager by F5
Version Range Affected
From
15.0.0
(inclusive)
To
15.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Global Traffic Manager by F5
Version Range Affected
From
14.1.0
(inclusive)
To
14.1.3.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Advanced Firewall Manager by F5
Version Range Affected
From
15.0.0
(inclusive)
To
15.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Local Traffic Manager by F5
Version Range Affected
From
14.1.0
(inclusive)
To
14.1.3.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Big-Ip Access Policy Manager by F5
Version Range Affected
From
14.1.0
(inclusive)
To
14.1.3.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://support.f5.com/csp/article/K25691186
https://support.f5.com/csp/article/K25691186