CVE-2020-5869
published 2020-04-24CVE-2020-5869: In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not secure by TLS and may allow on-path attackers to read / modify confidential data in…
critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not secure by TLS and may allow on-path attackers to read / modify confidential data in transit.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-iq | — | — |
| f5 | big-iq_centralized_management | — | — |
| f5 | big-iq_centralized_management | 5.2.0 – 5.4.0 | — |
| f5 | big-iq_centralized_management | 6.0.0 – 6.1.0 | — |
| f5 | big-iq_centralized_management | >= 7.0.0 < 7.1.0 | 7.1.0 |