CVE-2020-5942

Published: Nov 5, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

In BIG-IP PEM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when processing Capabilities-Exchange-Answer (CEA) packets with certain attributes from the Policy and Charging Rules Function (PCRF) server, the Traffic Management Microkernel (TMM) may generate a core file and restart.

Affected (6)

Products: F5: Big Ip Policy Enforcement Manager

1 product

Big Ip Policy Enforcement Manager

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
F5 Big Ip Policy Enforcement Manager	From 11.6.1 to 11.6.5.2
F5 Big Ip Policy Enforcement Manager	From 12.1.0 to 12.1.5.2
F5 Big Ip Policy Enforcement Manager	From 13.1.0 to 13.1.3.4
F5 Big Ip Policy Enforcement Manager	From 14.1.0 to 14.1.2.8
F5 Big Ip Policy Enforcement Manager	From 15.1.0 to 15.1.1
F5 Big Ip Policy Enforcement Manager	From 16.0.0 to 16.0.1

References (2)

https://support.f5.com/csp/article/K82530456

Source: f5sirt@f5.com

Vendor Advisory

https://support.f5.com/csp/article/K82530456

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.