In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site request forgery (CSRF) vulnerability in the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, exists in an undisclosed page.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | BIG-IP | affected |
|
Configuration 1 [-]
|
No data.
No data.
Project Subscriptions
| Vendors | Products |
|---|---|
|
F5
Subscribe
|
Big-ip Access Policy Manager
Subscribe
Big-ip Advanced Firewall Manager
Subscribe
Big-ip Analytics
Subscribe
Big-ip Application Acceleration Manager
Subscribe
Big-ip Application Security Manager
Subscribe
Big-ip Domain Name System
Subscribe
Big-ip Fraud Protection Service
Subscribe
Big-ip Global Traffic Manager
Subscribe
Big-ip Link Controller
Subscribe
Big-ip Local Traffic Manager
Subscribe
Big-ip Policy Enforcement Manager
Subscribe
|
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2020-27058 | In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site request forgery (CSRF) vulnerability in the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, exists in an undisclosed page. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: f5
Published:
Updated: 2024-08-04T08:47:40.597Z
Reserved: 2020-01-06T00:00:00
Link: CVE-2020-5904
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-07-01T15:15:15.530
Modified: 2024-11-21T05:34:48.013
Link: CVE-2020-5904
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses