CVE-2020-5949

Published Dec 11, 2020
Last updated 4 years ago
CVSS high 7.5
Overview

Description: On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break.
Source: f5sirt@f5.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92233BA4-276B-46F4-94E2-423B8EB2074D",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29AE9C3B-C87C-4D48-8C74-A25CE73C3C97",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DED2933-E11F-4C59-9DEC-9C8A563EB324",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46362DA5-7B1C-4944-9B16-7C46FCB091EE",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD000EE7-2559-4D41-8DFD-2358F24EA804",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4AFCA70-BF3B-41DA-B0DE-03E91F3B372A",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E3A8E8E-E758-43F1-889B-58B171DBCE18",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E25DC6CD-8A17-4C18-A8DA-CC7BD131812D",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA52F4CD-599A-4FAB-B172-80156A9A409D",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA7122D0-588F-4D3E-B4D7-086413255E7C",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFDEE0E6-3A43-40C5-896B-A993CEC4A868",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "505AA546-BE89-4BE2-8C6D-6E487716A429",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C30C3FE3-BBA8-4CE4-BEE7-82A24F64FE7C",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40F9AD60-A67D-444C-83BE-11D2F7814572",
            "versionEndExcluding": "13.1.3.5",
            "versionStartIncluding": "13.1.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1598AA1C-C81D-4B5E-8783-5782CEC373E0",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4FFB099-6A12-4F1C-B775-F7121C279EC3",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED3B7AB0-99FE-42A2-9FF5-69DF3FDFFD6B",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CD20616-65D2-4703-8CAD-5630A71B8469",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E8BB4A7-1BF1-4851-ABFB-3FB693CB2FF1",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D29149D-4F16-4AFE-BDF1-6F7A9B2E1912",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E9950DA-83C8-4EA8-B861-860E528A9C53",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF2E70B9-005D-46C5-ABD1-5802A2F5AF6A",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A59D5860-DC68-4E8D-8D94-9B3CA8354F73",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED984A90-3ECF-4B75-B6E3-B8C0F13EC812",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A09DB41E-EE90-4A50-B1EB-E7EEE2C09BE9",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E407EDA6-D024-4BE0-B150-F9B14D595B6F",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0DD83D5-B967-4661-9514-D8A557F52764",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E0987E0-374D-49B5-ADF9-A5CCAC70394A",
            "versionEndExcluding": "14.1.0",
            "versionStartIncluding": "14.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
