CVE-2020-5936

On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.1, the Traffic Management Microkernel (TMM) process may consume excessive resources when processing SSL traffic and client authentication are enabled on the client SSL profile.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
f5CNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
f5big-ip_local_traffic_manager
12.1.0 ≤
𝑥
< 12.1.5.2
f5big-ip_local_traffic_manager
13.1.0 ≤
𝑥
≤ 13.1.3.4
f5big-ip_local_traffic_manager
14.1.0 ≤
𝑥
< 14.1.2.8
f5big-ip_local_traffic_manager
15.0.0 ≤
𝑥
< 15.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.f5.com/csp/article/K44020030
https://support.f5.com/csp/article/K44020030