K91171450 : BIG-IP engineering hotfix Trusted Platform Module vulnerability CVE-2020-5851

2020-01-1300:00:00

my.f5.com

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.2%

JSON

Security Advisory Description

On impacted versions and platforms, the Trusted Platform Module (TPM) system integrity check cannot detect modifications to specific system components. (CVE-2020-5851)

Impact

BIG-IP
The Trusted Platform Module (TPM) on the BIG-IP iSeries platforms (i850, i2000, i4000, i5000, i7000, i10000, i11000, i15000) and the VIPRION B4450 blades fails to function properly and is unable to detect any potential security compromise of the affected systems. This does not impact any other hardware platform.
Important: This vulnerability impacts only BIG-IP Engineering hotfixes obtained from F5 Support. Refer to the table in the following section for the list of affected versions. To verify if you are running an affected version from this list, perform the procedure in theRecommended Actions section. This vulnerability does not affect any of the BIG-IP major, minor, maintenance, or point releases you obtained from F5 Downloads.

BIG-IQ / Traffix SDC
There is no impact; these F5 products are not affected by this vulnerability.

CPENameOperatorVersion
big-iq centralized managementeq5.1.0
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-iq centralized managementeq6.0.0
big-iq centralized managementeq6.0.1
big-iq centralized managementeq6.1.0
big-ip afmeq11.5.10
big-ip afmeq11.5.2
big-ip afmeq11.5.3

Name	Operator	Version
big-iq centralized management	eq	5.1.0
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-iq centralized management	eq	6.0.0
big-iq centralized management	eq	6.0.1
big-iq centralized management	eq	6.1.0
big-ip afm	eq	11.5.10
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3

Rows per page:

1-10 of 2891