Network Device Abstraction Layer Vulnerability in F5 BIG-IP Virtual Edition
CVE-2020-5881
7.5HIGH
Summary
In specific versions of F5's BIG-IP Virtual Edition, a vulnerability exists when VLAN groups are configured alongside devices using OSPF. This flaw can cause the Network Device Abstraction Layer (NDAL) interfaces to become unresponsive. Consequently, this disruption affects the communication between critical processes such as mcpd and tmm, potentially leading to service interruptions and degraded network performance.
Affected Version(s)
BIG-IP VE 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved