CVE-2020-5890
Published Apr 30, 2020
Last updated 5 years ago
Overview
- Description
- On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1 and BIG-IQ 5.2.0-7.1.0, when creating a QKView, credentials for binding to LDAP servers used for remote authentication of the BIG-IP administrative interface will not fully obfuscate if they contain whitespace.
- Source
- f5sirt@f5.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14A4E46D-F0DB-4201-9102-EC89FACBE780",
"versionEndIncluding": "5.4.0",
"versionStartIncluding": "5.2.0"
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F37D18F2-8C6A-4557-85DC-2A751595423C",
"versionEndIncluding": "6.1.0",
"versionStartIncluding": "6.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:7.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B589C35-55F2-4D40-B5A6-8267EE20D627"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA7C740B-CC18-4A4E-B7B8-57D91100103C",
"versionEndIncluding": "12.1.5.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D38EFD71-28B9-48B0-8C6B-BF96D8F140EF",
"versionEndIncluding": "13.1.3.3",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "079B4276-42EF-41D5-A0F1-580EBE892C0F",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3B7FE01-3055-4172-A36A-DF574850AC38",
"versionEndExcluding": "15.1.0.2",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54ABBB5C-A2C1-4185-A11B-2A1681FD57DC",
"versionEndIncluding": "12.1.5.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAE9D5FC-79D6-48F8-977C-F296436F37DA",
"versionEndIncluding": "13.1.3.3",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "926143DC-CCCE-4B2E-ADE1-18B5B94DD0CC",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "680647C7-196E-43C9-9D82-CDA085A4133C",
"versionEndExcluding": "15.1.0.2",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3E0E5DC-5F7D-470D-98DC-5D5D2C331BAB",
"versionEndIncluding": "12.1.5.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "314BB9AA-25A2-4FA9-9B2E-CB65F65B3ADE",
"versionEndIncluding": "13.1.3.3",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FFE6F119-5539-43F0-B1F8-ACA75B0CB9DC",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C09F131-59CE-415B-B6B1-4FF5C1074E1A",
"versionEndExcluding": "15.1.0.2",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "243AB00B-6322-4B94-A68D-980A778FACE4",
"versionEndIncluding": "12.1.5.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7885696-ED18-495A-9D6E-3F3400C57D58",
"versionEndIncluding": "13.1.3.3",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "141305E7-D56C-418B-9AC5-5D606EBCC554",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDB2DD44-F70E-48F1-B348-BBB1C027FEA1",
"versionEndExcluding": "15.1.0.2",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1BA88EC9-FD8F-4CAF-8DDC-5358ABCA17C1",
"versionEndIncluding": "12.1.5.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "002D2E41-C4FC-45CF-8C28-D0A7D3419880",
"versionEndIncluding": "13.1.3.3",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9656079B-7AE2-4EDC-8E53-A861548B6F74",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4896C1AA-421D-4152-8EB5-0BF38A810FDC",
"versionEndExcluding": "15.1.0.2",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "341A3823-A402-49D5-8F57-809A16CFCD25",
"versionEndIncluding": "12.1.5.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33FC0627-C380-45CC-8FFC-AF600D2CA7AA",
"versionEndIncluding": "13.1.3.3",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C73493EE-E374-4F6F-AFA1-0C7A4C9448D0",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6112963-58D9-48EB-80A6-183A340B137A",
"versionEndExcluding": "15.1.0.2",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "687DFFA9-6791-40BD-887D-969452EECA96",
"versionEndIncluding": "12.1.5.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC4C7C62-ACB0-4570-8D09-F3540CAE54F5",
"versionEndIncluding": "13.1.3.3",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB80A297-3C41-4DF2-88A8-64F0AC7ED40C",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C739DCF6-37D6-4F08-9F77-FFCD8F080229",
"versionEndExcluding": "15.1.0.2",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBFB6841-AC42-4A66-9684-08454A1FBD36",
"versionEndIncluding": "12.1.5.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "053EDC2D-3DC5-4612-8010-25FEA32F5FF6",
"versionEndIncluding": "13.1.3.3",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D7FC909D-BF02-4E2A-A313-266AD7AD0A3D",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AFF3908C-7E76-4682-BA06-C2C1EB13BDEF",
"versionEndExcluding": "15.1.0.2",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C9C0E51-1262-42E0-864E-D112A2DBBA15",
"versionEndIncluding": "12.1.5.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "89947BF1-7F05-4099-BFBB-6C2AD5B46A16",
"versionEndIncluding": "13.1.3.3",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF98A4E2-61C2-435A-8D9B-CC9AD49CA5C0",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60CF9532-1A50-4435-91B1-899E866E7134",
"versionEndExcluding": "15.1.0.2",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CCB3A134-E649-4EB6-88B0-74331C593A90",
"versionEndIncluding": "12.1.5.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A8D708F-165C-4FB8-83EB-7879DD85D0D2",
"versionEndIncluding": "13.1.3.3",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "245B1B00-A779-47AF-AF00-F53683CD761D",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3683CED0-6D35-4E3B-A31F-CD227235C0E9",
"versionEndExcluding": "15.1.0.2",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA7E180E-DCBE-4421-A018-C8D4B495D20D",
"versionEndIncluding": "12.1.5.1",
"versionStartIncluding": "12.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DCC39897-00DF-4E6F-8608-570098011978",
"versionEndIncluding": "13.1.3.3",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "497B525F-B871-4298-B2B0-565E5D59CE3F",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8B40157-CC6E-4017-81B5-6D8A31B38BED",
"versionEndExcluding": "15.1.0.2",
"versionStartIncluding": "15.0.0"
}
],
"operator": "OR"
}
]
}
]