CVE-2020-5921 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2020-5921

Analyzed

More Info Official Page

Source-f5sirt@f5.com

Published At-26 Aug, 2020 | 16:15

Updated At-21 Jul, 2021 | 11:39

in BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, Syn flood causes large number of MCPD context messages destined to secondary blades consuming memory leading to MCPD failure. This issue affects only VIPRION hosts with two or more blades installed. Single-blade VIPRION hosts are not affected.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P

CPE Matches

>>big-ip_access_policy_manager>>Versions from 12.1.0(inclusive) to 12.1.5.2(exclusive)

cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*

>>big-ip_access_policy_manager>>Versions from 14.1.0(inclusive) to 14.1.2.7(exclusive)

cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*

>>big-ip_access_policy_manager>>Versions from 15.0.0(inclusive) to 15.0.1.4(exclusive)

cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*

>>big-ip_access_policy_manager>>Versions from 15.1.0(inclusive) to 15.1.0.5(exclusive)

cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*

>>big-ip_advanced_firewall_manager>>Versions from 12.1.0(inclusive) to 12.1.5.2(exclusive)

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*

>>big-ip_advanced_firewall_manager>>Versions from 14.1.0(inclusive) to 14.1.2.7(exclusive)

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*

>>big-ip_advanced_firewall_manager>>Versions from 15.0.0(inclusive) to 15.0.1.4(exclusive)

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*

>>big-ip_advanced_firewall_manager>>Versions from 15.1.0(inclusive) to 15.1.0.5(exclusive)

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*

>>big-ip_analytics>>Versions from 12.1.0(inclusive) to 12.1.5.2(exclusive)

cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*

>>big-ip_analytics>>Versions from 14.1.0(inclusive) to 14.1.2.7(exclusive)

cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*

>>big-ip_analytics>>Versions from 15.0.0(inclusive) to 15.0.1.4(exclusive)

cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*

>>big-ip_analytics>>Versions from 15.1.0(inclusive) to 15.1.0.5(exclusive)

cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*

>>big-ip_application_acceleration_manager>>Versions from 12.1.0(inclusive) to 12.1.5.2(exclusive)

cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*

>>big-ip_application_acceleration_manager>>Versions from 14.1.0(inclusive) to 14.1.2.7(exclusive)

cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*

>>big-ip_application_acceleration_manager>>Versions from 15.0.0(inclusive) to 15.0.1.4(exclusive)

cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*

>>big-ip_application_acceleration_manager>>Versions from 15.1.0(inclusive) to 15.1.0.5(exclusive)

cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*

>>big-ip_application_security_manager>>Versions from 12.1.0(inclusive) to 12.1.5.2(exclusive)

cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*

>>big-ip_application_security_manager>>Versions from 14.1.0(inclusive) to 14.1.2.7(exclusive)

cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*

>>big-ip_application_security_manager>>Versions from 15.0.0(inclusive) to 15.0.1.4(exclusive)

cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*

>>big-ip_application_security_manager>>Versions from 15.1.0(inclusive) to 15.1.0.5(exclusive)

cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*

>>big-ip_domain_name_system>>Versions from 12.1.0(inclusive) to 12.1.5.2(exclusive)

cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*

>>big-ip_domain_name_system>>Versions from 14.1.0(inclusive) to 14.1.2.7(exclusive)

cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*

>>big-ip_domain_name_system>>Versions from 15.0.0(inclusive) to 15.0.1.4(exclusive)

cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*

>>big-ip_domain_name_system>>Versions from 15.1.0(inclusive) to 15.1.0.5(exclusive)

cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*

>>big-ip_fraud_protection_service>>Versions from 12.1.0(inclusive) to 12.1.5.2(exclusive)

cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*

>>big-ip_fraud_protection_service>>Versions from 14.1.0(inclusive) to 14.1.2.7(exclusive)

cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*

>>big-ip_fraud_protection_service>>Versions from 15.0.0(inclusive) to 15.0.1.4(exclusive)

cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*

>>big-ip_fraud_protection_service>>Versions from 15.1.0(inclusive) to 15.1.0.5(exclusive)

cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*

>>big-ip_global_traffic_manager>>Versions from 12.1.0(inclusive) to 12.1.5.2(exclusive)

cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_global_traffic_manager>>Versions from 14.1.0(inclusive) to 14.1.2.7(exclusive)

cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_global_traffic_manager>>Versions from 15.0.0(inclusive) to 15.0.1.4(exclusive)

cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_global_traffic_manager>>Versions from 15.1.0(inclusive) to 15.1.0.5(exclusive)

cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_link_controller>>Versions from 12.1.0(inclusive) to 12.1.5.2(exclusive)

cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*

>>big-ip_link_controller>>Versions from 14.1.0(inclusive) to 14.1.2.7(exclusive)

cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*

>>big-ip_link_controller>>Versions from 15.0.0(inclusive) to 15.0.1.4(exclusive)

cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*

>>big-ip_link_controller>>Versions from 15.1.0(inclusive) to 15.1.0.5(exclusive)

cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*

>>big-ip_local_traffic_manager>>Versions from 12.1.0(inclusive) to 12.1.5.2(exclusive)

cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_local_traffic_manager>>Versions from 14.1.0(inclusive) to 14.1.2.7(exclusive)

cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_local_traffic_manager>>Versions from 15.0.0(inclusive) to 15.0.1.4(exclusive)

cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_local_traffic_manager>>Versions from 15.1.0(inclusive) to 15.1.0.5(exclusive)

cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_policy_enforcement_manager>>Versions from 12.1.0(inclusive) to 12.1.5.2(exclusive)

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*

>>big-ip_policy_enforcement_manager>>Versions from 14.1.0(inclusive) to 14.1.2.7(exclusive)

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*

>>big-ip_policy_enforcement_manager>>Versions from 15.0.0(inclusive) to 15.0.1.4(exclusive)

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*

>>big-ip_policy_enforcement_manager>>Versions from 15.1.0(inclusive) to 15.1.0.5(exclusive)

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-noinfo	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
https://support.f5.com/csp/article/K00103216	f5sirt@f5.com	Vendor Advisory