CVE-2020-5949

Published: Dic 11, 2020 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2020-27103 Aliases: GSD-2020-5949
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
MEDIUM 5,0
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: none
Integrity: none
Availability: partial

Description

AI Translation Available

On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0065
Percentile
0,7th
Updated

EPSS Score Trend (Last 90 Days)

Application

Big-Ip Access Policy Manager by F5

Product Information
Vendor F5
Product Big-Ip Access Policy Manager
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Advanced Firewall Manager by F5

Product Information
Vendor F5
Product Big-Ip Advanced Firewall Manager
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Ssl Orchestrator by F5

Product Information
Vendor F5
Product Big-Ip Ssl Orchestrator
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Ssl Orchestrator by F5

Product Information
Vendor F5
Product Big-Ip Ssl Orchestrator
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Analytics by F5

Product Information
Vendor F5
Product Big-Ip Analytics
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Application Acceleration Manager by F5

Product Information
Vendor F5
Product Big-Ip Application Acceleration Manager
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Local Traffic Manager by F5

Product Information
Vendor F5
Product Big-Ip Local Traffic Manager
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Analytics by F5

Product Information
Vendor F5
Product Big-Ip Analytics
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Application Security Manager by F5

Product Information
Vendor F5
Product Big-Ip Application Security Manager
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Ddos Hybrid Defender by F5

Product Information
Vendor F5
Product Big-Ip Ddos Hybrid Defender
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Advanced Web Application Firewall by F5

Product Information
Vendor F5
Product Big-Ip Advanced Web Application Firewall
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Ddos Hybrid Defender by F5

Product Information
Vendor F5
Product Big-Ip Ddos Hybrid Defender
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Access Policy Manager by F5

Product Information
Vendor F5
Product Big-Ip Access Policy Manager
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Link Controller by F5

Product Information
Vendor F5
Product Big-Ip Link Controller
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Application Security Manager by F5

Product Information
Vendor F5
Product Big-Ip Application Security Manager
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Fraud Protection Service by F5

Product Information
Vendor F5
Product Big-Ip Fraud Protection Service
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Advanced Firewall Manager by F5

Product Information
Vendor F5
Product Big-Ip Advanced Firewall Manager
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Fraud Protection Service by F5

Product Information
Vendor F5
Product Big-Ip Fraud Protection Service
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Policy Enforcement Manager by F5

Product Information
Vendor F5
Product Big-Ip Policy Enforcement Manager
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Global Traffic Manager by F5

Product Information
Vendor F5
Product Big-Ip Global Traffic Manager
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Domain Name System by F5

Product Information
Vendor F5
Product Big-Ip Domain Name System
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Policy Enforcement Manager by F5

Product Information
Vendor F5
Product Big-Ip Policy Enforcement Manager
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Domain Name System by F5

Product Information
Vendor F5
Product Big-Ip Domain Name System
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Local Traffic Manager by F5

Product Information
Vendor F5
Product Big-Ip Local Traffic Manager
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Advanced Web Application Firewall by F5

Product Information
Vendor F5
Product Big-Ip Advanced Web Application Firewall
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Global Traffic Manager by F5

Product Information
Vendor F5
Product Big-Ip Global Traffic Manager
Version Range Affected
From 14.0.0 (inclusive)
To 14.1.0 (exclusive)
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Application Acceleration Manager by F5

Product Information
Vendor F5
Product Big-Ip Application Acceleration Manager
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Big-Ip Link Controller by F5

Product Information
Vendor F5
Product Big-Ip Link Controller
Version Range Affected
From 13.1.0 (inclusive)
To 13.1.3.5 (exclusive)
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://support.f5.com/csp/article/K20984059
Vendor Advisory
https://support.f5.com/csp/article/K20984059
https://support.f5.com/csp/article/K20984059
Vendor Advisory
https://support.f5.com/csp/article/K20984059