cbcvebase.
CVE-2020-27728
published 2020-12-24

CVE-2020-27728: On BIG-IP ASM & Advanced WAF versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.3, under certain conditions, Analytics, Visibility, and Reporting…

high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
On BIG-IP ASM & Advanced WAF versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.3, under certain conditions, Analytics, Visibility, and Reporting daemon (AVRD) may generate a core file and restart on the BIG-IP system when processing requests sent from mobile devices.

Affected

8 ranges
VendorProductVersion rangeFixed in
f5big-ip_advanced_waf
f5big-ip_advanced_web_application_firewall>= 14.1.0 < 14.1.3.114.1.3.1
f5big-ip_advanced_web_application_firewall>= 15.0.0 < 15.1.115.1.1
f5big-ip_advanced_web_application_firewall>= 16.0.0 < 16.0.116.0.1
f5big-ip_application_security_manager>= 14.1.0 < 14.1.3.114.1.3.1
f5big-ip_application_security_manager>= 15.0.0 < 15.1.115.1.1
f5big-ip_application_security_manager>= 16.0.0 < 16.0.116.0.1
f5big-ip_asm