F5 BIG-IP APM up to Portal Access unknown vulnerability – Digitalmunition

Exploit/Advisories Cybersecurity study of the dark web exposes vulnerability to machine identities -- ScienceDaily

Published on January 15th, 2020 📆 | 4270 Views ⚑


F5 BIG-IP APM up to Portal Access unknown vulnerability

CVSS Meta Temp ScoreCurrent Exploit Price (≈)CTI Interest Score

A vulnerability, which was classified as critical, has been found in F5 BIG-IP APM up to (Firewall Software). This issue affects an unknown function of the component Portal Access. The impact remains unknown. The summary by CVE is:

In BIG-IP APM portal access on versions 15.0.0-15.1.0, 14.0.0-, 13.1.0-, 12.1.0-12.1.5, and 11.5.2-, when backend servers serve HTTP pages with special JavaScript code, this can lead to internal portal access name conflict.

The weakness was presented 01/14/2020. The advisory is shared at support.f5.com. The identification of this vulnerability is CVE-2020-5853 since 01/06/2020. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $5k-$25k at the moment (estimation calculated on 01/15/2020).

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.




Class: Unknown
Local: Yes
Remote: No

Availability: 🔒
Status: Not defined

Price Prediction: 🔍
Current Price Estimation: 🔒

Threat Intelligenceinfoedit

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Remediation: 🔍Recommended: no mitigation known

0-Day Time: 🔒

01/06/2020 CVE assigned
01/14/2020 +8 days Advisory disclosed
01/15/2020 +1 days VulDB entry created
01/15/2020 +0 days VulDB last updateVendor: f5.com

Advisory: support.f5.com

CVE: CVE-2020-5853 (🔒)

Created: 01/15/2020 11:22 AM
Complete: 🔍

Download the whitepaper to learn more about our service!


Tagged with:

Leave a Reply ✍