cbcvebase.
CVE-2020-5913
published 2020-08-26

CVE-2020-5913: In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, the BIG-IP Client or Server SSL profile ignores revoked…

high7.4CVSS 3.1
AVNACHPRNUINSUCHIHAN
In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, the BIG-IP Client or Server SSL profile ignores revoked certificates, even when a valid CRL is present. This impacts SSL/TLS connections and may result in a man-in-the-middle attack on the connections.

Affected

99 ranges· showing 25
VendorProductVersion rangeFixed in
f5big-ip_aam
f5big-ip_access_policy_manager
f5big-ip_access_policy_manager>= 11.6.1 < 11.6.511.6.5
f5big-ip_access_policy_manager>= 12.1.0 < 12.1.5.212.1.5.2
f5big-ip_access_policy_manager>= 13.1.0 < 13.1.313.1.3
f5big-ip_access_policy_manager>= 14.1.0 < 14.1.2-0.89.3714.1.2-0.89.37
f5big-ip_access_policy_manager>= 14.1.2.1 < 14.1.2.514.1.2.5
f5big-ip_access_policy_manager>= 15.0.0 < 15.0.1.215.0.1.2
f5big-ip_advanced_firewall_manager>= 11.6.1 < 11.6.511.6.5
f5big-ip_advanced_firewall_manager>= 12.1.0 < 12.1.5.212.1.5.2
f5big-ip_advanced_firewall_manager>= 13.1.0 < 13.1.313.1.3
f5big-ip_advanced_firewall_manager>= 14.1.0 < 14.1.2-0.89.3714.1.2-0.89.37
f5big-ip_advanced_firewall_manager>= 14.1.2.1 < 14.1.2.514.1.2.5
f5big-ip_advanced_firewall_manager>= 15.0.0 < 15.0.1.215.0.1.2
f5big-ip_advanced_waf
f5big-ip_advanced_web_application_firewall>= 11.6.1 < 11.6.511.6.5
f5big-ip_advanced_web_application_firewall>= 12.1.0 < 12.1.5.212.1.5.2
f5big-ip_advanced_web_application_firewall>= 13.1.0 < 13.1.313.1.3
f5big-ip_advanced_web_application_firewall>= 14.1.0 < 14.1.2-0.89.3714.1.2-0.89.37
f5big-ip_advanced_web_application_firewall>= 14.1.2.1 < 14.1.2.514.1.2.5
f5big-ip_advanced_web_application_firewall>= 15.0.0 < 15.0.1.215.0.1.2
f5big-ip_afm
f5big-ip_analytics
f5big-ip_analytics>= 11.6.1 < 11.6.511.6.5
f5big-ip_analytics>= 12.1.0 < 12.1.5.212.1.5.2