CVE-2020-5893

3.7LOW

Key Information:

Vendor: F5
Status: Big-ip Edge Client
Vendor: CVE Published:; 30 April 2020

Summary

In versions 7.1.5-7.1.8, when a user connects to a VPN using BIG-IP Edge Client over an unsecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection.

Affected Version(s)

BIG-IP Edge Client 7.1.5-7.1.8

References

https://support.f5.com/csp/article/K97733133

x_refsource_CONFIRM

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 30, 2020
Vulnerability Reserved
Jan 6, 2020