K57274211 : BIG-IQ system interface vulnerability CVE-2020-5944

2020-11-0200:00:00

my.f5.com

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.6%

JSON

Security Advisory Description

Accessing the DoS Summary events and DNS Overview pages in the BIG-IQ system interface returns an error message due to disabled Grafana reverse proxy in web service configuration. (CVE-2020-5944)

F5 has done further review of this vulnerability and has re-classified it as a defect.

CVE-2020-5944 will continue to reference this Security Advisory and will not be assigned to other F5 vulnerabilities.

Impact

The BIG-IQ Monitoring events and dashboards for DoS Summary events and DNS Overview pages in the BIG-IQ system interface are inaccessible.

CPENameOperatorVersion
f5 ssl orchestratoreq14.1.0
f5 ssl orchestratoreq15.1.0
f5 ssl orchestratoreq16.0.0
big-ip afmeq11.6.1
big-ip afmeq11.6.2
big-ip afmeq11.6.3
big-ip afmeq11.6.4
big-ip afmeq11.6.5
big-ip afmeq12.1.0
big-ip afmeq12.1.1

Name	Operator	Version
f5 ssl orchestrator	eq	14.1.0
f5 ssl orchestrator	eq	15.1.0
f5 ssl orchestrator	eq	16.0.0
big-ip afm	eq	11.6.1
big-ip afm	eq	11.6.2
big-ip afm	eq	11.6.3
big-ip afm	eq	11.6.4
big-ip afm	eq	11.6.5
big-ip afm	eq	12.1.0
big-ip afm	eq	12.1.1

Rows per page:

1-10 of 2021