Vulnerability Details CVE-2020-5943
In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed through the REST interface, the protected fields are obfuscated in the REST response, not protected via a SecureVault cryptogram as TMSH does. One example of protected fields is the GTM monitor password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.3%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2020-5943
-
cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0
-
cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0.1
-
cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2.5
-
cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2.6
-
cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2.7
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0.1
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.2.5
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.2.6
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.2.7
-
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.0
-
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.0.1
-
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.2.5
-
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.2.6
-
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.2.7
-
cpe:2.3:a:f5:big-ip_analytics:14.1.0
-
cpe:2.3:a:f5:big-ip_analytics:14.1.0.1
-
cpe:2.3:a:f5:big-ip_analytics:14.1.2.5
-
cpe:2.3:a:f5:big-ip_analytics:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_analytics:14.1.2.6
-
cpe:2.3:a:f5:big-ip_analytics:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_analytics:14.1.2.7
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.0
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.0.1
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.2.5
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.2.6
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.2.7
-
cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0
-
cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0.1
-
cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2.5
-
cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2.6
-
cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2.7
-
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:14.1.0
-
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:14.1.0.1
-
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:14.1.2.5
-
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:14.1.2.6
-
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:14.1.2.7
-
cpe:2.3:a:f5:big-ip_domain_name_system:14.1.0
-
cpe:2.3:a:f5:big-ip_domain_name_system:14.1.0.1
-
cpe:2.3:a:f5:big-ip_domain_name_system:14.1.2.5
-
cpe:2.3:a:f5:big-ip_domain_name_system:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_domain_name_system:14.1.2.6
-
cpe:2.3:a:f5:big-ip_domain_name_system:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_domain_name_system:14.1.2.7
-
cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.0
-
cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.0.1
-
cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.2.5
-
cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.2.6
-
cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.2.7
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.0
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.0.1
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.2.5
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.2.6
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.2.7
-
cpe:2.3:a:f5:big-ip_link_controller:14.1.0
-
cpe:2.3:a:f5:big-ip_link_controller:14.1.0.1
-
cpe:2.3:a:f5:big-ip_link_controller:14.1.2.5
-
cpe:2.3:a:f5:big-ip_link_controller:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_link_controller:14.1.2.6
-
cpe:2.3:a:f5:big-ip_link_controller:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_link_controller:14.1.2.7
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.1
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2.5
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2.6
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2.7
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.0
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.0.1
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.2.5
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.2.5-0.0.3
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.2.6
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.2.6-0.0.2
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.2.7
-
cpe:2.3:a:f5:big-ip_ssl_orchestrator:14.1.0
-
cpe:2.3:a:f5:big-ip_ssl_orchestrator:14.1.0.1
-
cpe:2.3:a:f5:big-ip_ssl_orchestrator:14.1.2.5
-
cpe:2.3:a:f5:big-ip_ssl_orchestrator:14.1.2.7