CVE-2020-5896
Published May 12, 2020
Last updated 5 years ago
Overview
- Description
- On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions.
- Source
- f5sirt@f5.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-276
Social media
- Hype score
- Not currently trending
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB74041C-839F-42B9-9DEA-3E1AF2736AFA", "versionEndIncluding": "11.6.5.1", "versionStartIncluding": "11.6.1" }, { "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BA88EC9-FD8F-4CAF-8DDC-5358ABCA17C1", "versionEndIncluding": "12.1.5.1", "versionStartIncluding": "12.1.0" }, { "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "002D2E41-C4FC-45CF-8C28-D0A7D3419880", "versionEndIncluding": "13.1.3.3", "versionStartIncluding": "13.1.0" }, { "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76E97416-1D09-426A-BB6A-93014D92A756", "versionEndIncluding": "14.1.2.5", "versionStartIncluding": "14.1.0" }, { "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63F60AB8-30E7-43E7-AE68-E05971B572B1", "versionEndIncluding": "15.1.0.3", "versionStartIncluding": "15.0.0" }, { "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager_client:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37CCAE73-0973-4353-8CF8-06138E35B9DF", "versionEndIncluding": "7.1.9", "versionStartIncluding": "7.1.5" } ], "operator": "OR" } ] } ]