F5 Big-Ip Asm vulnerabilities

CVE-2020-5923 [MEDIUM] CVE-2020-5923: In BIG-IP versions 15 CVE-2020-5923: In BIG-IP versions 15 In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1 and BIG-IQ versions 5.4.0-7.0.0, Self-IP port-lockdown bypass via IPv6 link-local addresses. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP GTM, BIG-IP LTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IQ Affected Versions: 11.6.1

CVE-2020-5927 [MEDIUM] CWE-79 CVE-2020-5927: In versions 15 CVE-2020-5927: In versions 15 In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, and 14.1.0-14.1.2.6, BIG-IP ASM Configuration utility Stored-Cross Site Scripting. Affected Products: BIG-IP ASM Affected Versions: 14.1.0 - 14.1.2.7; 15.0.0 - 15.0.1.4; 15.1.0 - 15.1.0.5 F5 Advisory Articles: K55873574 F5 References: https://support.f5.com/csp/article/K55873574

CVE-2020-5917 [MEDIUM] CWE-326 CVE-2020-5917: In BIG-IP versions 15 CVE-2020-5917: In BIG-IP versions 15 In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2 and BIG-IQ versions 5.2.0-7.0.0, the host OpenSSH servers utilize keys of less than 2048 bits which are no longer considered secure. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP GTM, BIG-IP LTM, BIG

CVE-2020-5928 [LOW] CWE-352 CVE-2020-5928: In versions 15 CVE-2020-5928: In versions 15 In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, BIG-IP ASM Configuration utility CSRF protection token can be reused multiple times. Affected Products: BIG-IP ASM Affected Versions: 11.5.2 - 11.6.5; 12.1.0 - 12.1.5.2; 13.1.0 - 13.1.3; 14.1.0 - 14.1.2.7; 15.0.0 - 15.0.1.4; 15.1.0 - 15.1.0.5 F5 Advisory Articles: K40843345 F5 References: ht

CVE-2020-5902 [CRITICAL] CWE-22 CVE-2020-5902: In BIG-IP versions 15 CVE-2020-5902: In BIG-IP versions 15 In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Advanced WAF, BIG-IP Analytics, BIG-IP DHD, BIG

CVE-2020-5904 [HIGH] CWE-352 CVE-2020-5904: In BIG-IP versions 15 CVE-2020-5904: In BIG-IP versions 15 In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site request forgery (CSRF) vulnerability in the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, exists in an undisclosed page. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP GTM, BIG-IP LTM

CVE-2020-5906 [HIGH] CWE-276 CVE-2020-5906: In versions 13 CVE-2020-5906: In versions 13 In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does not properly enforce the access controls for the scp.blacklist files. This allows Admin and Resource Admin users with Secure Copy (SCP) protocol access to read and overwrite blacklisted files via SCP. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP GT

CVE-2020-5907 [HIGH] CVE-2020-5907: In BIG-IP versions 15 CVE-2020-5907: In BIG-IP versions 15 In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, an authorized user provided with access only to the TMOS Shell (tmsh) may be able to conduct arbitrary file read/writes via the built-in sftp functionality. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP GTM, BIG-IP LTM, BIG-I

CVE-2020-5905 [MEDIUM] CWE-79 CVE-2020-5905: In version 11 CVE-2020-5905: In version 11 In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network > WCCP page, the system does not sanitize all user-provided data before display. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP GTM, BIG-IP LTM, BIG-IP Link Controller, BIG-IP PEM Affected Versions: 11.6.1 - 11.6.5.2 F5 Advisory Articles: K07051153 F5 References:

CVE-2020-5903 [MEDIUM] CWE-79 CVE-2020-5903: In BIG-IP versions 15 CVE-2020-5903: In BIG-IP versions 15 In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP GTM, BIG-IP LTM, BIG-IP Link Controller, BIG-IP PEM Affected Versions: 12.1.0 - 1

CVE-2020-5886 [CRITICAL] CWE-319 CVE-2020-5886: On versions 15 CVE-2020-5886: On versions 15 On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems setup for connection mirroring in a High Availability (HA) pair transfers sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only on the network used for connection mirroring. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP

CVE-2020-5884 [CRITICAL] CVE-2020-5884: On versions 15 CVE-2020-5884: On versions 15 On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the default deployment mode for BIG-IP high availability (HA) pair mirroring is insecure. This is a control plane issue that is exposed only on the network used for mirroring. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP GTM, BIG-IP LTM, BIG

CVE-2020-5885 [CRITICAL] CWE-319 CVE-2020-5885: On versions 15 CVE-2020-5885: On versions 15 On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability (HA) pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only on the network used for connection mirroring. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP

CVE-2020-5887 [CRITICAL] CWE-668 CVE-2020-5887: On versions 15 CVE-2020-5887: On versions 15 On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for remote attackers to access local daemons and bypass port lockdown settings. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP Edge Gateway, BIG-IP FPS, BIG-IP GTM, BIG-IP LTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP WebAcceler

CVE-2020-5872 [HIGH] CVE-2020-5872: On BIG-IP 14 CVE-2020-5872: On BIG-IP 14 On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel (TMM) may stop responding and cause a failover event. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP GTM, BIG-IP LTM, BIG-

CVE-2020-5871 [HIGH] CVE-2020-5871: On BIG-IP 14 CVE-2020-5871: On BIG-IP 14 On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP

CVE-2020-5877 [HIGH] CVE-2020-5877: On BIG-IP 15 CVE-2020-5877: On BIG-IP 15 On BIG-IP 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, malformed input to the DATAGRAM::tcp iRules command within a FLOW_INIT event may lead to a denial of service. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP GTM, BIG-IP LTM, BIG-IP Link Controller, BIG-IP PEM Affected Versions: 11.6.1 - 11.6.5.1; 12.1.0

CVE-2020-5876 [HIGH] CWE-319 CVE-2020-5876: On BIG-IP 15 CVE-2020-5876: On BIG-IP 15 On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address of a peer, adding a new peer, or when the Traffic Management Microkernel (TMM) first starts up. Affected Products:

CVE-2020-5880 [HIGH] CWE-434 CVE-2020-5880: Om BIG-IP 15 CVE-2020-5880: Om BIG-IP 15 Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP GTM, BIG-IP LTM, BIG-IP Link Controller, B

CVE-2020-5878 [HIGH] CVE-2020-5878: On versions 15 CVE-2020-5878: On versions 15 On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.3, Traffic Management Microkernel (TMM) may restart on BIG-IP Virtual Edition (VE) while processing unusual IP traffic. Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP Analytics, BIG-IP DNS, BIG-IP FPS, BIG-IP GTM, BIG-IP LTM, BIG-IP Link Controller, BIG-IP PEM Affected Versions: 14.1.0 - 14.1.2.3; 15.0.0 - 15.0.1.1; 15.0.0 -