Lucene search
F5CVELIST:CVE-2020-5933HistoryOct 29, 2020 - 3:11 p.m.
CVE-2020-5933
2020-10-2915:11:39
f5
www.cve.org
4
big-ip
http
compression
out-of-memory
slowloris-style
attack
versions
EPSS
0.001
Percentile
42.5%
On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, when a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style attack can trigger an out-of-memory condition on the BIG-IP system.
CNA Affected
[
{
"product": "BIG-IP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, 11.6.1-11.6.5.1"
}
]
}
]References
Related
prion
prion
Design/Logic Flaw
2020-10-29 16:15:00
cve
cve
CVE-2020-5933
2020-10-29 16:15:15
nvd
nvd
CVE-2020-5933
2020-10-29 16:15:15
nessus
nessus
f5
f5
K26244025 : BIG-IP HTTP compression profile vulnerability CVE-2020-5933
2020-10-28 00:00:00