CVE-2020-5853

Summary

In BIG-IP APM portal access on versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, when backend servers serve HTTP pages with special JavaScript code, this can lead to internal portal access name conflict.

Affected Software

VendorProductVersion RangeStatus
F5BIG-IP APM15.0.0-15.1.0affected
F5BIG-IP APM14.0.0-14.1.2.3affected
F5BIG-IP APM13.1.0-13.1.3.2affected
F5BIG-IP APM12.1.0-12.1.5affected
F5BIG-IP APM11.5.2-11.6.5.1affected

Weaknesses

  • XSS

ADP Enrichment

CVE Program Container

Additional References

References