K10251014 : BIG-IP VE TMM vulnerability CVE-2020-5887

2020-04-3000:00:00

my.f5.com

9 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.5%

JSON

Security Advisory Description

BIG-IP Virtual Edition (VE) may expose a mechanism for remote attackers to access local daemons and bypass port lockdown settings. (CVE-2020-5887)

Impact

The vulnerability can occur on BIG-IP VE systems with the following configuration:

An IPv6 forwarding virtual server
An IPv6 floating self IP address
A virtual server has the HTTP profile configured with http explicit proxyenabled and default-connect-handling set toallow

Hosts in adjacent networks may be able to bypass port lockdown settings on BIG-IP VE hosts.

CPENameOperatorVersion
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-iq centralized managementeq6.0.0
big-iq centralized managementeq6.0.1
big-iq centralized managementeq6.1.0
big-iq centralized managementeq7.0.0
big-iq centralized managementeq7.1.0
big-ip afmeq11.6.1
big-ip afmeq11.6.2

Name	Operator	Version
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-iq centralized management	eq	6.0.0
big-iq centralized management	eq	6.0.1
big-iq centralized management	eq	6.1.0
big-iq centralized management	eq	7.0.0
big-iq centralized management	eq	7.1.0
big-ip afm	eq	11.6.1
big-ip afm	eq	11.6.2

Rows per page:

1-10 of 2091