CVE-2020-5906

In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does not properly enforce the access controls for the scp.blacklist files. This allows Admin and Resource Admin users with Secure Copy SCP protocol access to read and overwrite blacklisted files via SCP...

PT-2020-18804 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 11.6.1 through 11.6.5.2 BIG-IP versions 12.1.0 through 12.1.5.2 BIG-IP versions 13.1.0 through 13.1.3.3 Description: The issue arises from the BIG-IP system's failure to properly enforce access controls for the scp.blacklist...