Vulnerabilities > CVE-2020-5851 - Unspecified vulnerability in F5 products

CVSS 4.6 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

low complexity

NVD

Published: 2020-01-14

Updated: 2020-01-29

Summary

On impacted versions and platforms the Trusted Platform Module (TPM) system integrity check cannot detect modifications to specific system components. This issue only impacts specific engineering hotfixes and platforms. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.0.2.0.45.4-ENG Hotfix-BIGIP-14.1.0.2.0.62.4-ENG

Vulnerable Configurations

Part	Description	Count
Application	F5 F5 BIG IP Local Traffic Manager 14.1.0.2.0.45.4 F5 BIG IP Local Traffic Manager 14.1.0.2.0.62.4 F5 BIG IP Advanced Firewall Manager 14.1.0.2.0.45.4 F5 BIG IP Advanced Firewall Manager 14.1.0.2.0.62.4 F5 BIG IP Application Acceleration Manager 14.1.0.2.0.45.4 F5 BIG IP Application Acceleration Manager 14.1.0.2.0.62.4 F5 BIG IP Analytics 14.1.0.2.0.45.4 F5 BIG IP Analytics 14.1.0.2.0.62.4 F5 BIG IP Access Policy Manager 14.1.0.2.0.45.4 F5 BIG IP Access Policy Manager 14.1.0.2.0.62.4 F5 BIG IP Application Security Manager 14.1.0.2.0.45.4 F5 BIG IP Application Security Manager 14.1.0.2.0.62.4 F5 BIG IP Edge Gateway 14.1.0.2.0.45.4 F5 BIG IP Edge Gateway 14.1.0.2.0.62.4 F5 BIG IP Fraud Protection Service 14.1.0.2.0.45.4 F5 BIG IP Fraud Protection Service 14.1.0.2.0.62.4 F5 BIG IP Global Traffic Manager 14.1.0.2.0.45.4 F5 BIG IP Global Traffic Manager 14.1.0.2.0.62.4 F5 BIG IP Link Controller 14.1.0.2.0.45.4 F5 BIG IP Link Controller 14.1.0.2.0.62.4 F5 BIG IP Policy Enforcement Manager 14.1.0.2.0.45.4 F5 BIG IP Policy Enforcement Manager 14.1.0.2.0.62.4 F5 BIG IP Webaccelerator 14.1.0.2.0.45.4 F5 BIG IP Webaccelerator 14.1.0.2.0.62.4 F5 BIG IP Domain Name System 14.1.0.2.0.45.4 F5 BIG IP Domain Name System 14.1.0.2.0.62.4	26
Hardware	F5 F5 BIG IP 2800 - F5 BIG IP I10600 - F5 BIG IP I10800 - F5 BIG IP I11600 - F5 BIG IP I11800 - F5 BIG IP I15600 - F5 BIG IP I15800 - F5 BIG IP I2600 - F5 BIG IP I4600 - F5 BIG IP I4800 - F5 BIG IP I5600 - F5 BIG IP I5800 - F5 BIG IP I7600 - F5 BIG IP I7800 - F5 BIG IP I850 -	15

References

https://support.f5.com/csp/article/K91171450