Severity Rating: HIGH
Systems Affected
F5 BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link
Controller, PEM) versions:
15.x versions 15.1.0 and 15.0.0
14.x versions 14.1.0 through 14.1.2
13.x versions 13.1.0 through 13.1.3
12.x versions 12.1.0 through 12.1.5
11.x versions 11.6.1 through 11.6.5
Overview
A vulnerability has been reported in F5 BIG-IP products which could allow
an unauthenticated remote attacker to execute arbitrary code on a targeted
system.
Description
This vulnerability exits in multiple BIG-IP products due to a flaw in
undisclosed pages of Traffic Management User Interface (TMUI), also
referred to as the Configuration utility. An unauthenticated remote
attacker could exploit this vulnerability by sending a special crafted web
request to the affected system.
Successful exploitation of this vulnerability could allow the attacker to
execute arbitrary code on the targeted system and may result in complete
system compromise.
Note: This vulnerability has been reported to being actively exploited in
the wild.
Solution
Update to the fixed versions as mentioned in the F5 advisory
Vendor Information
F5 Networks
References
nccgroup
https://research.nccgroup.com/2020/07/05/rift-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902-intelligence/
CISecurity
https://www.cisecurity.org/advisory/a-vulnerability-in-f5-big-ip-traffic-management-user-interface-could-allow-for-remote-code-execution_2020-090/
CVE Name
CVE-2020-5902
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.