ID

VAR-202007-1393


CVE

CVE-2020-5902


TITLE

F5 BIG-IP contains multiple vulnerabilities including unauthenticated remote command execution

Trust: 0.8

sources: CERT/CC: VU#290915

DESCRIPTION

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. F5 BIG-IP devices provide load-balancing capability to application services such as HTTP and DNS. The F5 BIG-IP TMUI management web interface improperly neutralizes untrusted user input and can be abused by unauthenticated remote attackers to perform malicious activities such as cross-site scripting (XSS), cross-site request forgery (CSRF), and command injection CWE-74. F5 has also announced that BIG-IP devices do not properly enforce access controls to sensitive configuration files that be read and overwritten by an authenticated user via Secure Copy (SCP). The vulnerability identified by CVE-2020-0592 can be abused to achieve arbitrary code execution on the target device with root privileges. Underlying causes and factors in these vulnerabilities include: Improper configuration and a lack of identify checks, see recent article from NCC Group. Understanding the root cause of F5 Networks K52145254: TMUI RCE vulnerability CVE-2020-5902 The TMUI fails to enforce proper authentication and authorization, see OWASP Recommendations The TMUI web interface does not normalize user's input to prevent both XSS and CSRF, allowing a "Deadly Combinations of XSS and CSRF" Lack of role-based access checks allows for for unexpected file access, see Role-Based Access Control Models F5 recommends that the TMUI web interface should be accessible only from a secure or an out-of-band network and not directly from the Internet (K13092). However, many installations, as observed by Bad Packets, do not seem to follow this recommendation. An unauthenticated attacker with network access to the TMUI may be able to execute arbitrary system commands, create or delete files, disable services, and subsequently execute arbitrary code with high privileges such as root. An authenticated user is also be able to perform unexpected activities such as changing configuration files on a vulnerable device. plural BIG-IP The product contains a code injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. A security vulnerability exists in the F5 BIG-IP. The following products and versions are affected: F5 BIG-IP Version 15.1.0, Version 15.0.0, Version 14.1.0 to Version 14.1.2, Version 13.1.0 to Version 13.1.3, Version 12.1.0 to Version 12.1.5 , version 11.6.1 to version 11.6.5. ## RCE: curl -v -k 'https://[F5 Host]/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin' ## Read File: curl -v -k 'https://[F5 Host]/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd'

Trust: 2.61

sources: NVD: CVE-2020-5902 // CERT/CC: VU#290915 // JVNDB: JVNDB-2020-007318 // VULHUB: VHN-184027 // VULMON: CVE-2020-5902 // PACKETSTORM: 158333

AFFECTED PRODUCTS

vendor:f5model:big-ip access policy managerscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:ssl orchestratorscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip analyticsscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:ssl orchestratorscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip link controllerscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:ssl orchestratorscope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:ssl orchestratorscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:ssl orchestratorscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:ssl orchestratorscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:ssl orchestratorscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip analyticsscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:ssl orchestratorscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:ssl orchestratorscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:ssl orchestratorscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:big-ip link controllerscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:ssl orchestratorscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip analyticsscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:ssl orchestratorscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:ltversion:13.1.3.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:ltversion:15.1.0.4

Trust: 1.0

vendor:f5model:big-ip analyticsscope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:ltversion:11.6.5.2

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:ltversion:12.1.5.2

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:ltversion:15.0.1.4

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:ltversion:14.1.2.6

Trust: 1.0

vendor:f5model:big-ip access policy managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip advanced firewall managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip advanced web application firewallscope: - version: -

Trust: 0.8

vendor:f5model:big-ip analyticsscope: - version: -

Trust: 0.8

vendor:f5model:big-ip application acceleration managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip application security managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip ddos hybrid defenderscope: - version: -

Trust: 0.8

vendor:f5model:big-ip domain name systemscope: - version: -

Trust: 0.8

vendor:f5model:big-ip fraud protection servicescope: - version: -

Trust: 0.8

vendor:f5model:big-ip global traffic managerscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-007318 // NVD: CVE-2020-5902

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-5902
value: CRITICAL

Trust: 1.0

NVD: JVNDB-2020-007318
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202007-053
value: CRITICAL

Trust: 0.6

VULHUB: VHN-184027
value: HIGH

Trust: 0.1

VULMON: CVE-2020-5902
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-5902
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-007318
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-184027
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-5902
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-007318
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-184027 // VULMON: CVE-2020-5902 // JVNDB: JVNDB-2020-007318 // CNNVD: CNNVD-202007-053 // NVD: CVE-2020-5902

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.1

problemtype:CWE-94

Trust: 0.9

problemtype:CWE-74

Trust: 0.8

problemtype:CWE-829

Trust: 0.1

sources: CERT/CC: VU#290915 // VULHUB: VHN-184027 // JVNDB: JVNDB-2020-007318 // NVD: CVE-2020-5902

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202007-053

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202007-053

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-007318

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-184027

PATCH

title:K52145254url:https://support.f5.com/csp/article/K52145254

Trust: 0.8

title:cve-2020-5902url:https://github.com/r0ttenbeef/cve-2020-5902

Trust: 0.1

title: - url:https://github.com/theLSA/f5-bigip-rce-cve-2020-5902

Trust: 0.1

sources: VULMON: CVE-2020-5902 // JVNDB: JVNDB-2020-007318

EXTERNAL IDS

db:NVDid:CVE-2020-5902

Trust: 3.6

db:CERT/CCid:VU#290915

Trust: 3.3

db:PACKETSTORMid:158333

Trust: 1.8

db:PACKETSTORMid:158366

Trust: 1.7

db:PACKETSTORMid:158334

Trust: 1.7

db:PACKETSTORMid:158581

Trust: 1.7

db:PACKETSTORMid:158414

Trust: 1.2

db:PACKETSTORMid:175671

Trust: 1.0

db:JVNid:JVNVU90376702

Trust: 0.8

db:JVNDBid:JVNDB-2020-007318

Trust: 0.8

db:EXPLOIT-DBid:48711

Trust: 0.7

db:CNNVDid:CNNVD-202007-053

Trust: 0.7

db:AUSCERTid:ESB-2020.2260.6

Trust: 0.6

db:AUSCERTid:ESB-2020.2260.5

Trust: 0.6

db:AUSCERTid:ESB-2020.2260

Trust: 0.6

db:AUSCERTid:ESB-2020.2260.7

Trust: 0.6

db:AUSCERTid:ESB-2020.2260.3

Trust: 0.6

db:AUSCERTid:ESB-2020.2260.2

Trust: 0.6

db:NSFOCUSid:47132

Trust: 0.6

db:NSFOCUSid:47063

Trust: 0.6

db:EXPLOIT-DBid:48642

Trust: 0.1

db:SEEBUGid:SSVID-98285

Trust: 0.1

db:VULHUBid:VHN-184027

Trust: 0.1

db:VULMONid:CVE-2020-5902

Trust: 0.1

sources: CERT/CC: VU#290915 // VULHUB: VHN-184027 // VULMON: CVE-2020-5902 // JVNDB: JVNDB-2020-007318 // PACKETSTORM: 158414 // PACKETSTORM: 158333 // CNNVD: CNNVD-202007-053 // NVD: CVE-2020-5902

REFERENCES

url:https://www.kb.cert.org/vuls/id/290915

Trust: 3.1

url:https://support.f5.com/csp/article/k52145254

Trust: 2.5

url:http://packetstormsecurity.com/files/158366/f5-big-ip-tmui-directory-traversal-file-upload-code-execution.html

Trust: 2.3

url:http://packetstormsecurity.com/files/158414/checker-cve-2020-5902.html

Trust: 2.3

url:http://packetstormsecurity.com/files/158581/f5-big-ip-13.1.3-build-0.0.6-local-file-inclusion.html

Trust: 2.3

url:http://packetstormsecurity.com/files/158333/big-ip-tmui-remote-code-execution.html

Trust: 1.7

url:http://packetstormsecurity.com/files/158334/big-ip-tmui-remote-code-execution.html

Trust: 1.7

url:https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/

Trust: 1.7

url:https://github.com/critical-start/team-ares/tree/master/cve-2020-5902

Trust: 1.7

url:https://swarm.ptsecurity.com/rce-in-f5-big-ip/

Trust: 1.7

url:https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-5902

Trust: 1.6

url:http://packetstormsecurity.com/files/175671/f5-big-ip-tmui-directory-traversal-file-upload-code-execution.html

Trust: 1.0

url:https://support.f5.com/csp/article/k43638305

Trust: 0.8

url:https://support.f5.com/csp/article/k31301245

Trust: 0.8

url:https://support.f5.com/csp/article/k07051153

Trust: 0.8

url:https://support.f5.com/csp/article/k82518062

Trust: 0.8

url:https://support.f5.com/csp/article/k00091341

Trust: 0.8

url:https://support.f5.com/csp/article/k33023560

Trust: 0.8

url:https://github.com/yassineaboukir/cve-2020-5902

Trust: 0.8

url:https://research.nccgroup.com/2020/07/12/understanding-the-root-cause-of-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902/

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5902

Trust: 0.8

url:https://jvn.jp/vu/jvnvu90376702/

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2020.2260/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2260.7/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2260.5/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2260.6/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2260.3/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2260.2/

Trust: 0.6

url:https://vigilance.fr/vulnerability/f5-big-ip-code-execution-via-tmui-32662

Trust: 0.6

url:http://www.nsfocus.net/vulndb/47063

Trust: 0.6

url:http://www.nsfocus.net/vulndb/47132

Trust: 0.6

url:https://www.exploit-db.com/exploits/48711

Trust: 0.6

url:https://[f5

Trust: 0.1

sources: CERT/CC: VU#290915 // VULHUB: VHN-184027 // JVNDB: JVNDB-2020-007318 // PACKETSTORM: 158414 // PACKETSTORM: 158333 // CNNVD: CNNVD-202007-053 // NVD: CVE-2020-5902

CREDITS

Several of these vulnerabilities were reported by Mikhail Klyuchnikov of Positive Technologies, who worked with F5 on a coordinated disclosure. This document was written by Vijay Sarvepalli.

Trust: 0.8

sources: CERT/CC: VU#290915

SOURCES

db:CERT/CCid:VU#290915
db:VULHUBid:VHN-184027
db:VULMONid:CVE-2020-5902
db:JVNDBid:JVNDB-2020-007318
db:PACKETSTORMid:158414
db:PACKETSTORMid:158333
db:CNNVDid:CNNVD-202007-053
db:NVDid:CVE-2020-5902

LAST UPDATE DATE

2024-08-14T13:24:21.359000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#290915date:2020-07-13T00:00:00
db:VULHUBid:VHN-184027date:2022-07-12T00:00:00
db:VULMONid:CVE-2020-5902date:2023-11-14T00:00:00
db:JVNDBid:JVNDB-2020-007318date:2020-08-07T00:00:00
db:CNNVDid:CNNVD-202007-053date:2022-07-14T00:00:00
db:NVDid:CVE-2020-5902date:2024-07-25T16:42:50.637

SOURCES RELEASE DATE

db:CERT/CCid:VU#290915date:2020-07-08T00:00:00
db:VULHUBid:VHN-184027date:2020-07-01T00:00:00
db:VULMONid:CVE-2020-5902date:2020-07-01T00:00:00
db:JVNDBid:JVNDB-2020-007318date:2020-08-07T00:00:00
db:PACKETSTORMid:158414date:2020-07-14T19:35:45
db:PACKETSTORMid:158333date:2020-07-07T16:03:54
db:CNNVDid:CNNVD-202007-053date:2020-07-01T00:00:00
db:NVDid:CVE-2020-5902date:2020-07-01T15:15:15.360