Vulnerabilities > CVE-2020-5852 - Unspecified vulnerability in F5 products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

NVD

Published: 2020-01-14

Updated: 2020-02-05

Summary

Undisclosed traffic patterns received may cause a disruption of service to the Traffic Management Microkernel (TMM). This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. This issue only impacts specific engineering hotfixes. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.2.1.0.83.4-ENG Hotfix-BIGIP-12.1.4.1.0.97.6-ENG Hotfix-BIGIP-11.5.4.2.74.291-HF2

Vulnerable Configurations

Part	Description	Count
Application	F5 F5 BIG IP Local Traffic Manager 11.5.4.2.74.291 F5 BIG IP Local Traffic Manager 12.1.4.1.0.97.6 F5 BIG IP Local Traffic Manager 14.1.2.1.0.83.4 F5 BIG IP Advanced Firewall Manager 11.5.4.2.74.291 F5 BIG IP Advanced Firewall Manager 12.1.4.1.0.97.6 F5 BIG IP Advanced Firewall Manager 14.1.2.1.0.83.4 F5 BIG IP Application Acceleration Manager 11.5.4.2.74.291 F5 BIG IP Application Acceleration Manager 12.1.4.1.0.97.6 F5 BIG IP Application Acceleration Manager 14.1.2.1.0.83.4 F5 BIG IP Analytics 11.5.4.2.74.291 F5 BIG IP Analytics 12.1.4.1.0.97.6 F5 BIG IP Analytics 14.1.2.1.0.83.4 F5 BIG IP Access Policy Manager 11.5.4.2.74.291 F5 BIG IP Access Policy Manager 12.1.4.1.0.97.6 F5 BIG IP Access Policy Manager 14.1.2.1.0.83.4 F5 BIG IP Application Security Manager 11.5.4.2.74.291 F5 BIG IP Application Security Manager 12.1.4.1.0.97.6 F5 BIG IP Application Security Manager 14.1.2.1.0.83.4 F5 BIG IP Edge Gateway 11.5.4.2.74.291 F5 BIG IP Edge Gateway 12.1.4.1.0.97.6 F5 BIG IP Edge Gateway 14.1.2.1.0.83.4 F5 BIG IP Fraud Protection Service 11.5.4.2.74.291 F5 BIG IP Fraud Protection Service 12.1.4.1.0.97.6 F5 BIG IP Fraud Protection Service 14.1.2.1.0.83.4 F5 BIG IP Global Traffic Manager 11.5.4.2.74.291 F5 BIG IP Global Traffic Manager 12.1.4.1.0.97.6 F5 BIG IP Global Traffic Manager 14.1.2.1.0.83.4 F5 BIG IP Link Controller 11.5.4.2.74.291 F5 BIG IP Link Controller 12.1.4.1.0.97.6 F5 BIG IP Link Controller 14.1.2.1.0.83.4 F5 BIG IP Policy Enforcement Manager 11.5.4.2.74.291 F5 BIG IP Policy Enforcement Manager 12.1.4.1.0.97.6 F5 BIG IP Policy Enforcement Manager 14.1.2.1.0.83.4 F5 BIG IP Webaccelerator 11.5.4.2.74.291 F5 BIG IP Webaccelerator 12.1.4.1.0.97.6 F5 BIG IP Webaccelerator 14.1.2.1.0.83.4 F5 BIG IP Domain Name System 11.5.4.2.74.291 F5 BIG IP Domain Name System 12.1.4.1.0.97.6 F5 BIG IP Domain Name System 14.1.2.1.0.83.4	39

References

https://support.f5.com/csp/article/K53590702