CVE Vulnerabilities

CVE-2020-5923

Published: Aug 26, 2020 | Modified: Sep 02, 2020
CVSS 3.x
5.4
MEDIUM
Source:
NVD
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVSS 2.x
4.8 MEDIUM
AV:A/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1 and BIG-IQ versions 5.4.0-7.0.0, Self-IP port-lockdown bypass via IPv6 link-local addresses.

Affected Software

Name Vendor Start Version End Version
Big-ip_access_policy_manager F5 11.6.1 (including) 11.6.5.2 (excluding)
Big-ip_access_policy_manager F5 12.1.0 (including) 12.1.5.2 (excluding)
Big-ip_access_policy_manager F5 13.1.0 (including) 13.1.3.4 (excluding)
Big-ip_access_policy_manager F5 14.1.0 (including) 14.1.2.7 (excluding)
Big-ip_access_policy_manager F5 15.0.0 (including) 15.1.0.5 (excluding)
Big-ip_advanced_firewall_manager F5 11.6.1 (including) 11.6.5.2 (excluding)
Big-ip_advanced_firewall_manager F5 12.1.0 (including) 12.1.5.2 (excluding)
Big-ip_advanced_firewall_manager F5 13.1.0 (including) 13.1.3.4 (excluding)
Big-ip_advanced_firewall_manager F5 14.1.0 (including) 14.1.2.7 (excluding)
Big-ip_advanced_firewall_manager F5 15.0.0 (including) 15.1.0.5 (excluding)
Big-ip_analytics F5 11.6.1 (including) 11.6.5.2 (excluding)
Big-ip_analytics F5 12.1.0 (including) 12.1.5.2 (excluding)
Big-ip_analytics F5 13.1.0 (including) 13.1.3.4 (excluding)
Big-ip_analytics F5 14.1.0 (including) 14.1.2.7 (excluding)
Big-ip_analytics F5 15.0.0 (including) 15.1.0.5 (excluding)
Big-ip_application_acceleration_manager F5 11.6.1 (including) 11.6.5.2 (excluding)
Big-ip_application_acceleration_manager F5 12.1.0 (including) 12.1.5.2 (excluding)
Big-ip_application_acceleration_manager F5 13.1.0 (including) 13.1.3.4 (excluding)
Big-ip_application_acceleration_manager F5 14.1.0 (including) 14.1.2.7 (excluding)
Big-ip_application_acceleration_manager F5 15.0.0 (including) 15.1.0.5 (excluding)
Big-ip_application_security_manager F5 11.6.1 (including) 11.6.5.2 (excluding)
Big-ip_application_security_manager F5 12.1.0 (including) 12.1.5.2 (excluding)
Big-ip_application_security_manager F5 13.1.0 (including) 13.1.3.4 (excluding)
Big-ip_application_security_manager F5 14.1.0 (including) 14.1.2.7 (excluding)
Big-ip_application_security_manager F5 15.0.0 (including) 15.1.0.5 (excluding)
Big-ip_domain_name_system F5 11.6.1 (including) 11.6.5.2 (excluding)
Big-ip_domain_name_system F5 12.1.0 (including) 12.1.5.2 (excluding)
Big-ip_domain_name_system F5 13.1.0 (including) 13.1.3.4 (excluding)
Big-ip_domain_name_system F5 14.1.0 (including) 14.1.2.7 (excluding)
Big-ip_domain_name_system F5 15.0.0 (including) 15.1.0.5 (excluding)
Big-ip_fraud_protection_service F5 11.6.1 (including) 11.6.5.2 (excluding)
Big-ip_fraud_protection_service F5 12.1.0 (including) 12.1.5.2 (excluding)
Big-ip_fraud_protection_service F5 13.1.0 (including) 13.1.3.4 (excluding)
Big-ip_fraud_protection_service F5 14.1.0 (including) 14.1.2.7 (excluding)
Big-ip_fraud_protection_service F5 15.0.0 (including) 15.1.0.5 (excluding)
Big-ip_global_traffic_manager F5 11.6.1 (including) 11.6.5.2 (excluding)
Big-ip_global_traffic_manager F5 12.1.0 (including) 12.1.5.2 (excluding)
Big-ip_global_traffic_manager F5 13.1.0 (including) 13.1.3.4 (excluding)
Big-ip_global_traffic_manager F5 14.1.0 (including) 14.1.2.7 (excluding)
Big-ip_global_traffic_manager F5 15.0.0 (including) 15.1.0.5 (excluding)
Big-ip_link_controller F5 11.6.1 (including) 11.6.5.2 (excluding)
Big-ip_link_controller F5 12.1.0 (including) 12.1.5.2 (excluding)
Big-ip_link_controller F5 13.1.0 (including) 13.1.3.4 (excluding)
Big-ip_link_controller F5 14.1.0 (including) 14.1.2.7 (excluding)
Big-ip_link_controller F5 15.0.0 (including) 15.1.0.5 (excluding)
Big-ip_local_traffic_manager F5 11.6.1 (including) 11.6.5.2 (excluding)
Big-ip_local_traffic_manager F5 12.1.0 (including) 12.1.5.2 (excluding)
Big-ip_local_traffic_manager F5 13.1.0 (including) 13.1.3.4 (excluding)
Big-ip_local_traffic_manager F5 14.1.0 (including) 14.1.2.7 (excluding)
Big-ip_local_traffic_manager F5 15.0.0 (including) 15.1.0.5 (excluding)
Big-ip_policy_enforcement_manager F5 11.6.1 (including) 11.6.5.2 (excluding)
Big-ip_policy_enforcement_manager F5 12.1.0 (including) 12.1.5.2 (excluding)
Big-ip_policy_enforcement_manager F5 13.1.0 (including) 13.1.3.4 (excluding)
Big-ip_policy_enforcement_manager F5 14.1.0 (including) 14.1.2.7 (excluding)
Big-ip_policy_enforcement_manager F5 15.0.0 (including) 15.1.0.5 (excluding)
Big-iq_centralized_management F5 6.0.0 (including) 6.1.0 (including)
Big-iq_centralized_management F5 5.4.0 (including) 5.4.0 (including)
Big-iq_centralized_management F5 7.0.0 (including) 7.0.0 (including)

References