Russian Vulnerability Scanner Database

Back to List

BDU:2021-00701

Scores

EPSS Score

0.0000

CVSS

3.x 9.8

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

All CVSS Scores

CVSS 4.0
0.0
CVSS 3.x
9.8

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0
10.0

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Description

Уязвимость интерфейса TMUI средства контроля доступа и удаленной аутентификации BIG-IP Access Policy Manager, межсетевого экрана BIG-IP Advanced Firewall Manager, средства доставки приложений BIG-IP Application Acceleration Manager, средства защиты приложений BIG-IP Application Security Manager, средства защиты от DDoS-атак BIG-IP DDos Hybrid Defender, DNS-сервера BIG-IP DNS, модуля BIG-IP Fraud Protection Service, системы балансировки интернет-трафика BIG-IP Link Controller, системы балансировки локального трафика BIG-IP Local Traffic Manager, системы контроля и управления сетевым трафиком BIG-IP Policy Enforcement Manager, средства расшифровки SSL и перенаправления расшифрованного трафика SSL Orchestrator связана с ошибками управления генерацией кода. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код

Sources

bdu

Related Vulnerabilities

CVE-2020-5902

Reference Links

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-5902
http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html
http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html
http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html
http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html
http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html
https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/
https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902
https://support.f5.com/csp/article/K52145254
https://swarm.ptsecurity.com/rce-in-f5-big-ip/
https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/
https://www.kb.cert.org/vuls/id/290915

Vulnerable Software

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip access policy manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "11.6.5.2",
  "version_start_including": "11.6.1"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip access policy manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip access policy manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip access policy manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip access policy manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip access policy manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip advanced firewall manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip advanced firewall manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip advanced firewall manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip advanced firewall manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip advanced firewall manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip advanced firewall manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "11.6.5.2",
  "version_start_including": "11.6.1"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip advanced web application firewall

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip advanced web application firewall

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip advanced web application firewall

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip advanced web application firewall

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip advanced web application firewall

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip analytics

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip analytics

Operating System: * *

Trait: 
{
  "version_end_excluding": "11.6.5.2",
  "version_start_including": "11.6.1"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip analytics

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip analytics

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip analytics

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip analytics

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip application acceleration manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip application acceleration manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip application acceleration manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip application acceleration manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip application acceleration manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip application security manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "11.6.5.2",
  "version_start_including": "11.6.1"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip application security manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip application security manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip application security manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip application security manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip application security manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip ddos hybrid defender

Operating System: * *

Trait: 
{
  "version_end_excluding": "11.6.5.2",
  "version_start_including": "11.6.1"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip ddos hybrid defender

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip ddos hybrid defender

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip ddos hybrid defender

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip ddos hybrid defender

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip ddos hybrid defender

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip dns

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip dns

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip dns

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip dns

Operating System: * *

Trait: 
{
  "version_end_excluding": "11.6.5.2",
  "version_start_including": "11.6.1"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip dns

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip dns

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip fraud protection service

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip fraud protection service

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip fraud protection service

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip fraud protection service

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip fraud protection service

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip fraud protection service

Operating System: * *

Trait: 
{
  "version_end_excluding": "11.6.5.2",
  "version_start_including": "11.6.1"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip global traffic manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip global traffic manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip global traffic manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "11.6.5.2",
  "version_start_including": "11.6.1"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip global traffic manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip global traffic manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip global traffic manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip link controller

Operating System: * *

Trait: 
{
  "version_end_excluding": "11.6.5.2",
  "version_start_including": "11.6.1"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip link controller

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip link controller

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip link controller

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip link controller

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip link controller

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip local traffic manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip local traffic manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip local traffic manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip local traffic manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "11.6.5.2",
  "version_start_including": "11.6.1"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip local traffic manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip local traffic manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip policy enforcement manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip policy enforcement manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip policy enforcement manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip policy enforcement manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip policy enforcement manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "11.6.5.2",
  "version_start_including": "11.6.1"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: big-ip policy enforcement manager

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: ssl orchestrator

Operating System: * *

Trait: 
{
  "version_end_excluding": "11.6.5.2",
  "version_start_including": "11.6.1"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: ssl orchestrator

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.0.1.4",
  "version_start_including": "15.0.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: ssl orchestrator

Operating System: * *

Trait: 
{
  "version_end_excluding": "15.1.0.4",
  "version_start_including": "15.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: ssl orchestrator

Operating System: * *

Trait: 
{
  "version_end_excluding": "12.1.5.2",
  "version_start_including": "12.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: ssl orchestrator

Operating System: * *

Trait: 
{
  "version_end_excluding": "13.1.3.4",
  "version_start_including": "13.1.0"
}

Source: bdu

Type: Configuration

Vendor: f5 networks, inc.

Product: ssl orchestrator

Operating System: * *

Trait: 
{
  "version_end_excluding": "14.1.2.6",
  "version_start_including": "14.1.0"
}

Source: bdu