CVE-2020-27722

6.5MEDIUM

Key Information:

Vendor: F5
Status: Big-ip Apm
Vendor: CVE Published:; 24 December 2020

Summary

In BIG-IP APM versions 15.0.0-15.0.1.3, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, under certain conditions, the VDI plugin does not observe plugin flow-control protocol causing excessive resource consumption.

Affected Version(s)

BIG-IP APM 15.0.0-15.0.1.3, 14.1.0-14.1.3, 13.1.0-13.1.3.4

References

https://support.f5.com/csp/article/K73657294

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 24, 2020
Vulnerability Reserved
Oct 26, 2020