Vulnerabilities > CVE-2020-5881 - Unspecified vulnerability in F5 products

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
f5
nessus

Summary

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when the BIG-IP Virtual Edition (VE) is configured with VLAN groups and there are devices configured with OSPF connected to it, the Network Device Abstraction Layer (NDAL) Interfaces can lock up and in turn disrupting the communication between the mcpd and tmm processes.

Vulnerable Configurations

Part Description Count
Application
F5
734

Nessus

NASL familyF5 Networks Local Security Checks
NASL idF5_BIGIP_SOL03386032.NASL
descriptionWhen the BIG-IP Virtual Edition (VE) is configured with VLAN groups and there are devices configured with OSPF connected to it, the Network Device Abstraction Layer (NDAL) Interfaces can lock up and in turn disruptingthe communication between the mcpd and tmm processes(CVE-2020-5881). Impact This issue only affects BIG-IP VE. The BIG-IP system temporarily fails to process traffic as it recovers from a Traffic Management Microkernel (TMM)restart, and devices configured in a device group may fail over.
last seen2020-05-12
modified2020-04-30
plugin id136129
published2020-04-30
reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/136129
titleF5 Networks BIG-IP : BIG-IP VE interface vulnerability (K03386032)