{"containers": {"cna": {"affected": [{"product": "BIG-IP", "vendor": "n/a", "versions": [{"status": "affected", "version": "13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, 11.6.1-11.6.2"}]}], "descriptions": [{"lang": "en", "value": "In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle. Similar error messages when PMS starts with 0 byte coupled with very precise timing measurement observation may also expose this vulnerability."}], "problemTypes": [{"descriptions": [{"description": "TLS Oracle", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-09-25T13:22:47", "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.f5.com/csp/article/K91158923"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "f5sirt@f5.com", "ID": "CVE-2020-5929", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "BIG-IP", "version": {"version_data": [{"version_value": "13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, 11.6.1-11.6.2"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle. Similar error messages when PMS starts with 0 byte coupled with very precise timing measurement observation may also expose this vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "TLS Oracle"}]}]}, "references": {"reference_data": [{"name": "https://support.f5.com/csp/article/K91158923", "refsource": "MISC", "url": "https://support.f5.com/csp/article/K91158923"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T08:47:40.873Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.f5.com/csp/article/K91158923"}]}]}, "cveMetadata": {"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "assignerShortName": "f5", "cveId": "CVE-2020-5929", "datePublished": "2020-09-25T13:22:47", "dateReserved": "2020-01-06T00:00:00", "dateUpdated": "2024-08-04T08:47:40.873Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "70FF147E-70DD-4FE1-9778-D9A190653B32", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A9037A34-60F5-4A75-9B1E-63992472668B", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "EF594CCA-2FE4-4233-B5E8-E24FDA0631FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "F0800BF9-76E5-4D1A-A4E1-B9827C2ABB74", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "5EACB885-3BB2-4291-BC79-57CA189F03CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "DEC8423E-1AD9-4EAC-8233-C580001DFBEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "07DE0F37-E908-4102-B504-9E56322C28BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "22910FCA-BE87-4F61-A1C4-C13D8E54795C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F112F302-F738-434B-BFD1-848AC0345F7D", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB5C57D2-23E7-442A-9CF7-40996E07EFE0", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "C5E40B55-CBAF-45D7-85A7-2645EE79074D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "8E8037A0-63AA-48DD-AF9B-0DE6372A82A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "0A90C209-002D-4629-9BF7-1A0E1CD63164", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "3E31B7D5-CD57-40DE-A4DA-CEA4ED72A72D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "E5865312-86A6-4BF1-906F-14821A825F26", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "C9265E7A-ADEE-4A3D-9D93-5B023B1BC7B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "042D3A19-2F4D-45D4-97A4-C1EC6352F389", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "8A473F59-33D8-4496-AE7E-8804C6CEA79D", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "6155F5C7-08ED-4E89-9981-1C6892C7B950", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "7FA3C044-3E22-4913-AD5F-C16D8E69064A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "CC828D69-7ADF-4F91-8AAA-573F8E755BCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "2D79EEB5-1D2B-406F-80F4-411B8D1082E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "21ED963D-F796-48B7-B8B9-16AF04121DAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "E475B23E-4828-4D9A-8C8C-98735A08C7DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CCB33B3-1035-4F6D-AF86-2BFF75B3E5AD", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "77C1AAC1-9404-415A-BE58-0E8E4FBEEB3A", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "561E3C54-4B3A-45DD-A72F-A080343257D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "41E9AFDB-185C-40F8-B538-B11C157CACA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "91598B5F-2FB1-4FE3-8736-14A5F20FEFAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "37DBEC42-49E4-41FF-A5CF-B2C1769BD7A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "BA170BC1-505E-49FE-AD37-B5FAC70C9ECD", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "2EA52E3C-349A-4A6F-8167-40343BCF60EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "281403D0-773D-4F37-83EE-F62EF96B3B72", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE23E4A6-B8B4-4738-9C4F-8F037EAE1F02", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "BC152A60-A74C-462A-88BA-28EC5922BFF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "306D8178-9362-4E83-8CBC-7FE594875418", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "EB950A9D-3444-45EA-BDEE-DC0814FFC820", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "5FD91B30-E127-49B7-BFC0-20F5AFA04156", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "0B8A00CA-1577-4674-AAF7-335D3846CED4", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "3C5937EE-EA57-4918-A5B8-FD8C05D7D39C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5236265-D881-42BA-9064-F25EFE81C126", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B79C6D1-3FE4-400B-B2E9-8247D73A74A8", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "4D7F8FE6-7124-4CC1-BBD7-DDD9DB329877", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "2CE86895-3244-4B6D-BEBA-BF74468F5BC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "110D8D98-9715-42DD-A967-0728A9D3C422", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "3E9F83DD-1DC7-450B-82F6-5ACEE37FF701", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "26D3BEF3-E29F-402F-B1ED-B7B74BA2E196", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "6E4231B1-DA7E-4D80-B3E6-401CDA1E24F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D713731-3970-4A12-86FE-B8D566FE47FF", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "1BFC319D-3B14-4D84-98E2-5ACFDA0D5857", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "660DC6C0-93E8-458A-A36F-990178A085BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "89D16C83-F321-4E5A-B0BB-7458AE3093EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "380EA379-85B3-496E-8267-9267713FF9C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "3D137802-A48A-4199-825A-CE32BE8046CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "D9561C89-6109-450D-B8FB-C8FDC52EDF40", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "A93822CD-4242-4C37-8F7D-B89F02711D7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "82654D85-8BE0-43CF-B117-3F13A4B776DA", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "C5AA87AA-CD1A-4E72-ACC4-3DA37F1BB6DA", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "E25445A5-B5D8-4321-8CEF-4C48875A0864", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "0E6DD4A4-4496-4CE7-8A7D-420ABAF9B5D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "80914B19-88A2-4B91-915C-AB2E88F8BA68", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "140C82AC-5146-453A-8F54-80DEBC3E47C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "C8C3C7E6-9A71-4100-AF8F-E258ACA87DC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "F364FFC1-129E-4044-AA1D-7616A9DA9742", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "EABB97D1-1B3F-495C-AA84-BEF5F9B49737", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "B6C0CF36-056F-40B2-A37D-5FBAC1474C91", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "C3EAFEA9-B710-476A-9274-ABA1D0530FB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "81C43AC9-9572-46C5-87A9-A0482B166949", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "05CE7A90-A4D7-4DC8-9E40-A00E8A73383D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "B5392AD7-A914-4E49-A427-24A1C025CE13", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "5B3B7585-DBD6-4B7E-A531-5AF06CA9A26C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "3928B719-73A2-4F4F-B99E-3B20E73A56BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "71DF7CA5-58AC-4A5A-BE8B-E4980954F574", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B19D361-EC13-404E-BEB3-2FE57F08D21C", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "FA6D1B1F-9243-47B8-8524-5FA0DB2BD25E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "B135D9F2-BC26-4B4C-9311-8E5462C0D990", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "98DDA9FF-BFCA-46B1-B54B-E66DF37EA3D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "46168539-16F5-4D68-8C60-231DC7304DC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "7B2C13FC-4A5A-487D-93DC-51C350461326", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "BEDABC39-977F-4D10-9CD7-BC28C9AFEE15", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "DFB7A1F6-2E72-4FCD-938A-0C52615770A1", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4C0EC8B-AB4D-4457-8781-9F80B0DDD5AC", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "EE591064-DF44-4838-A9AA-CB33EBFD0ADB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "5492BACB-7266-42C7-9CCB-8274CE283F37", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "B56659EF-E0D2-4274-9E77-E3B584CF8985", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "4EC093A4-BA4F-40EF-8279-5D93EF131B80", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "EE3FF6AC-7BF4-42B9-976E-F326F01F8BB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "1C4AF4BD-FDD2-42B4-BA95-4D5A4A45E243", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD3A9176-70E0-4E5B-B93E-76E6B436ECF8", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "534284B2-1FC8-4769-98DB-83D0A03F0FB5", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "774ECB69-5F65-4B81-9FAE-474C4181B211", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "5BDCB0E8-94D5-4B20-B4CC-A49A086FDD38", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "A2F4D185-AE08-47BF-B480-BFBEE290FD26", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "A9FD757D-7C65-44E3-B995-186D4670021F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "EB319ED0-52D3-4FB6-86DD-727A1601CAD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "65CC7B3C-B657-4996-9B84-148624669C8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "42E60917-B217-41C4-9455-BC8B67FB1218", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "DE16F299-6B74-4317-A0B4-451FD090BF53", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "544CAF10-0F4D-4DCF-99A4-16BF26DB8294", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "A5C9A263-245B-4F94-B6FE-46C6C9DE33A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "55A5BD6E-CC23-4DFA-BE89-1B7164CA003A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "8145A49C-E53C-448E-AAEF-3AFE870F833A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "6B517CAC-2BAD-4CD0-9157-57349E0365D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "30386BAE-5D66-4447-A432-774EEF99B185", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "7830DB26-7308-4FBD-A81F-69419EB88871", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1BA9423-4C0D-4932-9802-51DCDC91F0A5", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:11.6.2:-:*:*:*:*:*:*", "matchCriteriaId": "42625AC5-88A6-4721-A5EC-31B0EAF5E96C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:12.1.2:-:*:*:*:*:*:*", "matchCriteriaId": "76A3DDE3-905D-4A31-A7A9-3E747D2326CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:12.1.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "2B3C08CC-F5B4-453F-B0BA-48930614C1E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:13.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "3E7E08B3-6B94-4B91-8689-61762267B648", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:13.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "69BFCE0C-D4C9-4C0E-8EEA-FA1BAEF73320", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:13.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "7CEE3D81-4668-4ED1-AF87-96ECE7C7A0BE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle. Similar error messages when PMS starts with 0 byte coupled with very precise timing measurement observation may also expose this vulnerability."}, {"lang": "es", "value": "En las versiones 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1 y 11.6.1-11.6.2, las plataformas BIG-IP con tarjetas de aceleraci\u00f3n de hardware Cavium Nitrox SSL, un Servidor Virtual configurado con un perfil SSL de Cliente, y el uso de intercambio de Claves Diffie-Hellman de Anonymous (ADH) o Ephemeral (DHE) y la opci\u00f3n de uso Single DH no habilitada en la lista de opciones puede ser vulnerable a protocolos de enlace SSL/TLS dise\u00f1ados que pueden resultar con un PMS (Pre-Master Secret) que comienza en un byte 0 y puede conllevar a la recuperaci\u00f3n de mensajes de texto plano, ya que BIG-IP TLS/SSL ADH/DHE env\u00eda diferentes mensajes de error que act\u00faan como un or\u00e1culo. Los mensajes de error similares cuando PMS comienza con 0 bytes junto con una observaci\u00f3n de medici\u00f3n de tiempo muy precisa tambi\u00e9n pueden exponer esta vulnerabilidad"}], "id": "CVE-2020-5929", "lastModified": "2024-11-21T05:34:50.820", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-25T14:15:13.970", "references": [{"source": "f5sirt@f5.com", "tags": ["Vendor Advisory"], "url": "https://support.f5.com/csp/article/K91158923"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.f5.com/csp/article/K91158923"}], "sourceIdentifier": "f5sirt@f5.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-203"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}