Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.F5_BIGIP_SOL43638305.NASL
HistoryJul 01, 2020 - 12:00 a.m.

F5 Networks BIG-IP : BIG-IP TMUI XSS vulnerability (K43638305)

2020-07-0100:00:00
This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
41

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.1%

JSON

A Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility.(CVE-2020-5903)

Impact

An attacker can exploit this vulnerability torun JavaScript in the context of the currently logged-in user. In the case of an administrative user with access to the Advanced Shell ( bash ), successful exploitation of this vulnerability can be leveraged to completely compromise the BIG-IP system through Remote Code Execution.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution K43638305.
#
# The text description of this plugin is (C) F5 Networks.
#

include('compat.inc');

if (description)
{
  script_id(137917);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/02");

  script_cve_id("CVE-2020-5903");
  script_xref(name:"IAVA", value:"2020-A-0283-S");
  script_xref(name:"CEA-ID", value:"CEA-2020-0055");

  script_name(english:"F5 Networks BIG-IP : BIG-IP TMUI XSS vulnerability (K43638305)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"A Cross-Site Scripting (XSS) vulnerability exists in an undisclosed
page of the BIG-IP Configuration utility.(CVE-2020-5903)

Impact

An attacker can exploit this vulnerability torun JavaScript in the
context of the currently logged-in user. In the case of an
administrative user with access to the Advanced Shell ( bash ),
successful exploitation of this vulnerability can be leveraged to
completely compromise the BIG-IP system through Remote Code Execution.");
  script_set_attribute(attribute:"see_also", value:"https://my.f5.com/manage/s/article/K43638305");
  script_set_attribute(attribute:"solution", value:
"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K43638305.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-5903");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"in_the_news", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/07/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/06/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/07/01");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_acceleration_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_visibility_and_reporting");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_domain_name_system");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_global_traffic_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_policy_enforcement_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"F5 Networks Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("f5_bigip_detect.nbin");
  script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version", "Settings/ParanoidReport");

  exit(0);
}


include('f5_func.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var version = get_kb_item('Host/BIG-IP/version');
if ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');
if ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');
if ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');

if (report_paranoia < 2) audit(AUDIT_PARANOID);

var sol = 'K43638305';
var vmatrix = {
  'AFM': {
    'affected': [
      '15.1.0','15.0.0','14.1.0-14.1.2','13.1.0-13.1.3','12.1.0-12.1.5'
    ],
    'unaffected': [
      '16.0.0','15.1.0.4','15.0.1.4','14.1.2.6','13.1.3.4','12.1.5.2'
    ],
  },
  'AM': {
    'affected': [
      '15.1.0','15.0.0','14.1.0-14.1.2','13.1.0-13.1.3','12.1.0-12.1.5'
    ],
    'unaffected': [
      '16.0.0','15.1.0.4','15.0.1.4','14.1.2.6','13.1.3.4','12.1.5.2'
    ],
  },
  'APM': {
    'affected': [
      '15.1.0','15.0.0','14.1.0-14.1.2','13.1.0-13.1.3','12.1.0-12.1.5'
    ],
    'unaffected': [
      '16.0.0','15.1.0.4','15.0.1.4','14.1.2.6','13.1.3.4','12.1.5.2'
    ],
  },
  'ASM': {
    'affected': [
      '15.1.0','15.0.0','14.1.0-14.1.2','13.1.0-13.1.3','12.1.0-12.1.5'
    ],
    'unaffected': [
      '16.0.0','15.1.0.4','15.0.1.4','14.1.2.6','13.1.3.4','12.1.5.2'
    ],
  },
  'AVR': {
    'affected': [
      '15.1.0','15.0.0','14.1.0-14.1.2','13.1.0-13.1.3','12.1.0-12.1.5'
    ],
    'unaffected': [
      '16.0.0','15.1.0.4','15.0.1.4','14.1.2.6','13.1.3.4','12.1.5.2'
    ],
  },
  'DNS': {
    'affected': [
      '15.1.0','15.0.0','14.1.0-14.1.2','13.1.0-13.1.3','12.1.0-12.1.5'
    ],
    'unaffected': [
      '16.0.0','15.1.0.4','15.0.1.4','14.1.2.6','13.1.3.4','12.1.5.2'
    ],
  },
  'GTM': {
    'affected': [
      '15.1.0','15.0.0','14.1.0-14.1.2','13.1.0-13.1.3','12.1.0-12.1.5'
    ],
    'unaffected': [
      '16.0.0','15.1.0.4','15.0.1.4','14.1.2.6','13.1.3.4','12.1.5.2'
    ],
  },
  'LC': {
    'affected': [
      '15.1.0','15.0.0','14.1.0-14.1.2','13.1.0-13.1.3','12.1.0-12.1.5'
    ],
    'unaffected': [
      '16.0.0','15.1.0.4','15.0.1.4','14.1.2.6','13.1.3.4','12.1.5.2'
    ],
  },
  'LTM': {
    'affected': [
      '15.1.0','15.0.0','14.1.0-14.1.2','13.1.0-13.1.3','12.1.0-12.1.5'
    ],
    'unaffected': [
      '16.0.0','15.1.0.4','15.0.1.4','14.1.2.6','13.1.3.4','12.1.5.2'
    ],
  },
  'PEM': {
    'affected': [
      '15.1.0','15.0.0','14.1.0-14.1.2','13.1.0-13.1.3','12.1.0-12.1.5'
    ],
    'unaffected': [
      '16.0.0','15.1.0.4','15.0.1.4','14.1.2.6','13.1.3.4','12.1.5.2'
    ],
  }
};

if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
  set_kb_item(name:'www/0/XSS', value:TRUE);
  var extra = NULL;
  if (report_verbosity > 0) extra = bigip_report_get();
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : extra
  );
}
else
{
  var tested = bigip_get_tested_modules();
  var audit_extra = 'For BIG-IP module(s) ' + tested + ',';
  if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
  else audit(AUDIT_HOST_NOT, 'running any of the affected modules');
}
VendorProductVersionCPE
f5big-ip_access_policy_managercpe:/a:f5:big-ip_access_policy_manager
f5big-ip_advanced_firewall_managercpe:/a:f5:big-ip_advanced_firewall_manager
f5big-ip_application_acceleration_managercpe:/a:f5:big-ip_application_acceleration_manager
f5big-ip_application_security_managercpe:/a:f5:big-ip_application_security_manager
f5big-ip_application_visibility_and_reportingcpe:/a:f5:big-ip_application_visibility_and_reporting
f5big-ip_domain_name_systemcpe:/a:f5:big-ip_domain_name_system
f5big-ip_global_traffic_managercpe:/a:f5:big-ip_global_traffic_manager
f5big-ip_link_controllercpe:/a:f5:big-ip_link_controller
f5big-ip_local_traffic_managercpe:/a:f5:big-ip_local_traffic_manager
f5big-ip_policy_enforcement_managercpe:/a:f5:big-ip_policy_enforcement_manager
Rows per page:
1-10 of 111

Related

f5 2
prion 1
cve 1
cvelist 1
nvd 1
ptsecurity 1
githubexploit 1
qualysblog 1
thn 1
trendmicroblog 1
threatpost 2
cert 1
f5
f5
K43638305 : BIG-IP TMUI XSS vulnerability CVE-2020-5903
2020-07-01 00:00:00
K31301245 : TMUI CSRF vulnerability CVE-2020-5904
2020-07-01 00:00:00
prion
prion
Cross site scripting
2020-07-01 15:15:00
cve
cve
CVE-2020-5903
2020-07-01 15:15:15
cvelist
cvelist
CVE-2020-5903
2020-07-01 14:42:00
nvd
nvd
CVE-2020-5903
2020-07-01 15:15:15
ptsecurity
ptsecurity
PT-2020-05: Cross-site scripting (XSS) in F5 Traffic Management User Interface (TMUI)
2020-01-04 00:00:00
githubexploit
githubexploit
Exploit for Cross-site Scripting in F5 Big-Ip Access Policy Manager
2020-08-25 02:07:41
qualysblog
qualysblog
F5 BIG-IP Remote Code Execution Vulnerability (CVE-2020-5902)
2020-07-06 23:09:52
thn
thn
Critical RCE Flaw Affects F5 BIG-IP Application Security Servers
2020-07-04 14:20:00
trendmicroblog
trendmicroblog
This Week in Security News: 15 Billion Credentials Currently Up for Grabs on Hacker Forums and New Mirai Variant Expands Arsenal
2020-07-10 12:30:22
threatpost
threatpost
Thousands of Vulnerable F5 BIG-IP Users Still Open to Takeover
2020-07-17 20:59:33
Admins Urged to Patch Critical F5 Flaw Under Active Attack
2020-07-06 19:06:20
cert
cert
F5 BIG-IP contains multiple vulnerabilities including unauthenticated remote command execution
2020-07-08 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.1%

JSON
Related for F5_BIGIP_SOL43638305.NASL
f52prion1cve1cvelist1nvd1ptsecurity1githubexploit1qualysblog1thn1trendmicroblog1threatpost2cert1