CVE-2020-5897 — Use After Free in F5 Big-ip Access Policy Manager Client

Severity

8.8HIGHNVD

EPSS

0.9%

top 24.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMay 12

Latest updateMay 24

Description

In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Windows ActiveX component.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

GHSA

GHSA-r3g8-jcj5-f35g: In versions 7↗2022-05-24

▶

CVEList

CVE-2020-5897: In versions 7↗2020-05-12

▶

CVE-2020-5897: In versions 7↗2020-05-12

▶