K65372933 : BIG-IP HTTP/2 vulnerability CVE-2020-5875

2020-04-3000:00:00

my.f5.com

0.001 Low

EPSS

Percentile

42.6%

JSON

Security Advisory Description

Under certain conditions, the Traffic Management Microkernel (TMM) may generate a core file and restart while processing SSL traffic with an HTTP/2 full proxy. (CVE-2020-5875)

Impact

If you have enabled HTTP/2, Message Routing Framework (MRF), and SSL, a certain request sequence can trigger a condition that may cause TMM to generate a core file and restart. An attacker may be able to cause a BIG-IP system to produce a core file, disrupting the flow of traffic and causing a failover to a standby system.

CPENameOperatorVersion
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-iq centralized managementeq6.0.0
big-iq centralized managementeq6.0.1
big-iq centralized managementeq6.1.0
big-iq centralized managementeq7.0.0
big-iq centralized managementeq7.1.0
big-ip afmeq11.6.1
big-ip afmeq11.6.2

Name	Operator	Version
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-iq centralized management	eq	6.0.0
big-iq centralized management	eq	6.0.1
big-iq centralized management	eq	6.1.0
big-iq centralized management	eq	7.0.0
big-iq centralized management	eq	7.1.0
big-ip afm	eq	11.6.1
big-ip afm	eq	11.6.2

Rows per page:

1-10 of 1891

0.001 Low

EPSS

Percentile

42.6%

JSON

Related for F5:K65372933