CVE-2020-5943

Summary

In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed through the REST interface, the protected fields are obfuscated in the REST response, not protected via a SecureVault cryptogram as TMSH does. One example of protected fields is the GTM monitor password.

Affected Software

VendorProductVersion RangeStatus
n/aBIG-IP14.1.0-14.1.0.1, 14.1.2.5-14.1.2.7affected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

References