Traffic Management Microkernel Vulnerability in F5 BIG-IP Virtual Edition
CVE-2020-5939

7.5HIGH

Key Information:

Vendor: F5
Status: Big-ip Virtual Edition (ve)
Vendor: CVE Published:; 5 November 2020

Summary

In specific versions of F5 BIG-IP Virtual Edition systems running on VMware, an issue arises when utilizing an Intel-based 85299 Network Interface Controller (NIC) card with Single Root I/O Virtualization (SR-IOV) enabled in vSphere. This vulnerability can cause the Traffic Management Microkernel (TMM) to fail, resulting in an inability to transmit traffic. This could potentially disrupt network services and affect overall system performance.

Affected Version(s)

BIG-IP Virtual Edition (VE) 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4

References

https://support.f5.com/csp/article/K75111593

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 5, 2020
Vulnerability Reserved
Jan 6, 2020