Access Control Bypass in F5 BIG-IP Virtual Edition
CVE-2020-5888
8.1HIGH
Summary
F5 BIG-IP Virtual Edition versions 15.1.0 through 15.1.0.1, 15.0.0 through 15.0.1.2, and 14.1.0 through 14.1.2.3 are vulnerable to an access control bypass issue. This vulnerability allows adjacent network attackers to potentially access local daemons and circumvent port lockdown settings, posing serious risks to network security. It is important for organizations using affected versions to apply security patches and implement protective measures.
Affected Version(s)
BIG-IP VE 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, 14.1.0-14.1.2.3
References
CVSS V3.1
Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved