Crypto Key Vulnerability in F5 BIG-IP and BIG-IQ Products
CVE-2020-5917

5.9MEDIUM

Key Information:

Vendor: F5
Status: Big-ip, Big-iq
Vendor: CVE Published:; 26 August 2020

What is CVE-2020-5917?

The vulnerability arises from the use of OpenSSH servers in F5 BIG-IP and BIG-IQ products that employ cryptographic keys shorter than 2048 bits. These insufficiently robust keys are deemed insecure in the current landscape of cybersecurity threats, making SSH connections susceptible to interception and exploitation by malicious actors. Organizations using affected versions must upgrade to ensure strong cryptographic standards and maintain secure communications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

BIG-IP, BIG-IQ BIG-IP 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, 11.6.1-11.6.5.2

BIG-IP, BIG-IQ BIG-IQ 5.2.0-7.0.0

References

https://support.f5.com/csp/article/K43404629

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 26, 2020
Vulnerability Reserved
Jan 6, 2020

JSON

F5

What is CVE-2020-5917?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.