CVE-2020-5873
Published Apr 30, 2020
Last updated 5 years ago
Overview
- Description
- On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ 5.2.0-7.1.0, a user associated with the Resource Administrator role who has access to the secure copy (scp) utility but does not have access to Advanced Shell (bash) can execute arbitrary commands using a maliciously crafted scp request.
- Source
- f5sirt@f5.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FBA9552-4645-4BFF-91A4-47B6A3414325",
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C3B5688-0235-4D4F-A26C-440FF24A1B43",
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7174510-CC8F-4F4D-9706-C7CBB99D7172",
"versionEndIncluding": "13.1.3.1",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07FC84CA-3E12-43FB-ADBD-7B988DEF3A97",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6A53E3C-3E09-4100-8D5A-10AD4973C230",
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14A4E46D-F0DB-4201-9102-EC89FACBE780",
"versionEndIncluding": "5.4.0",
"versionStartIncluding": "5.2.0"
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F37D18F2-8C6A-4557-85DC-2A751595423C",
"versionEndIncluding": "6.1.0",
"versionStartIncluding": "6.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C88B0206-093A-4A18-8322-A1CD1D4ACF2A",
"versionEndIncluding": "7.1.0",
"versionStartIncluding": "7.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61D1B91F-8672-4947-AF9A-F635679D0FB7",
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "151ED6D1-AA85-4213-8F3A-8167CBEC4721",
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2BFAF3E-5E01-4EBF-AC8C-92DDFF38EB8F",
"versionEndIncluding": "13.1.3.1",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BEE162F-A016-4EDB-A7D1-1F87945EED3E",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCAE28C2-0ADD-4FD0-A520-EFB764164DD8",
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3787453-ECE9-4958-8FD8-8A43A9F86077",
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D5AA99B-08E7-4959-A3B4-41AA527B4B22",
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88FFA413-C798-4FB6-AA37-1BDD1C11DD06",
"versionEndIncluding": "13.1.3.1",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F553CD8-01FF-4616-A32C-4F4B5844A6FD",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36A213C6-D6E4-4F38-989D-81D3DFC11829",
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "05ED802A-A8A0-4E96-AB45-811A98AA11C2",
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DC86A5F-C793-4848-901F-04BFB57A07F6",
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C13DFF4A-CD7C-4B9A-AD90-79E29FC1D117",
"versionEndIncluding": "13.1.3.1",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "547D6BFB-5DE8-4027-88EF-0349400494D1",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59D9F39B-206B-4E76-A811-1CAA705A60EE",
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B15992E6-85B6-4E62-A284-FE4B78F5F373",
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E5552A3-91CD-4B97-AD33-4F1FB4C8827A",
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "241F94B5-C01C-4F62-85D9-EAC3C71845BC",
"versionEndIncluding": "13.1.3.1",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7881BC1C-1B10-43D4-AD4A-545D7C7C4160",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70099A38-3B84-4C40-8590-BE6C8F7C21A7",
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8376922B-0D04-4E5D-BADE-0D6AC23A4696",
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55C2EC23-E78F-4447-BACF-21FC36ABF155",
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "09B194A3-5261-4063-9E02-19855CCD8A90",
"versionEndIncluding": "13.1.3.1",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17DCA2C1-FD7A-430F-AD7C-4AB2DF7E233E",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DE40473-ABAE-4D91-8EBB-FB5719E107F6",
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0471086D-B70E-4B87-862E-01FB99B0D5D5",
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "945A19E8-51EB-42FE-9BF1-12DAC78B5286",
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48A3DFA8-2DB0-4F65-AE6F-BB02CF42EE7E",
"versionEndIncluding": "13.1.3.1",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6DFBD76-20DB-497D-B407-1EAA5555B49F",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18B5A918-F9AA-4889-94A7-33E6E54CF383",
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD3D5803-35A0-4FF7-9AD3-E345C53A18FC",
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB5007D0-BBDB-4D74-9C88-98FBA74757D1",
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBE0191C-ABA8-4FBE-99FE-D8DD9ABCA57D",
"versionEndIncluding": "13.1.3.1",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64B21CD4-4D50-45EC-8297-D54A1BBC6521",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF606356-8191-478D-AF60-D48A408CD9ED",
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E20DFBD1-5469-4330-81B1-078D6487C01D",
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7725810-66D2-4460-A174-9F3BFAD966F2",
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC6FB035-B2F6-452B-A407-85535B07D897",
"versionEndIncluding": "13.1.3.1",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA369F2E-2E17-4BEA-B894-14656D977B93",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA3E37E6-64B9-4668-AC01-933711E1C934",
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F92F2449-8A6E-431E-8CB1-5255D2464B31",
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFD760FE-4347-4D36-B5C6-4009398060F2",
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76D757F4-B333-4EFB-87CE-1F14BD1B1734",
"versionEndIncluding": "13.1.3.1",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E0B6F31-DC75-49C9-9E59-EF1CD68B1B3D",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8CCD3CF9-EA9D-43FF-8ADA-713B4B5C468E",
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53F940F3-6CF4-48C8-BFBF-4FE9B3A26D31",
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.6.1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65B76F53-7D8B-477E-8B6E-91AC0A9009FF",
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1886D50C-6B79-4A7F-887B-08093F0C4894",
"versionEndIncluding": "13.1.3.1",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D806FBF-8E6D-412C-B547-92AD9294B639",
"versionEndIncluding": "14.1.2.3",
"versionStartIncluding": "14.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC6612AB-E46B-4A8B-9B3E-C711D8C27962",
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
}
]