Excessive Resource Consumption in BIG-IP APM due to VDI Plugin Issue
CVE-2020-27722

6.5MEDIUM

Key Information:

Vendor: F5
Status: Big-ip Apm
Vendor: CVE Published:; 24 December 2020

What is CVE-2020-27722?

A vulnerability in the VDI plugin of F5 Networks' BIG-IP APM allows for excessive resource consumption under specific conditions. This affects multiple versions of the product, compromising system performance and potentially leading to service disruptions.

Affected Version(s)

BIG-IP APM 15.0.0-15.0.1.3, 14.1.0-14.1.3, 13.1.0-13.1.3.4

References

https://support.f5.com/csp/article/K73657294

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 24, 2020
Vulnerability Reserved
Oct 26, 2020