CVE-2020-5860
N/A
N/A
Summary
On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, in a High Availability (HA) network failover in Device Service Cluster (DSC), the failover service does not require a strong form of authentication and HA network failover traffic is not encrypted by Transport Layer Security (TLS).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | BIG-IP, BIG-IQ | BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, 11.5.2-11.6.5.1 | affected |
| n/a | BIG-IP, BIG-IQ | BIG-IQ 7.0.0, 6.0.0-6.1.0, 5.2.0-5.4.0 | affected |
Weaknesses
- MITM
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.