A vulnerability was found in F5 BIG-IP APM up to 14.0.1/14.1.2.3/15.0.1.2 (Firewall Software). It has been declared as problematic. This vulnerability affects an unknown part of the component Traffic Management Microkernel. The manipulation as part of a Request leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. As an impact it is known to affect availability. CVE summarizes:

On BIG-IP APM 15.0.0-15.0.1.2, 14.1.0-14.1.2.3, and 14.0.0-14.0.1, in certain circumstances, an attacker sending specifically crafted requests to a BIG-IP APM virtual server may cause a disruption of service provided by the Traffic Management Microkernel(TMM).

The weakness was shared 04/30/2020 (Website). The advisory is available at support.f5.com. This vulnerability was named CVE-2020-5874 since 01/06/2020. The exploitation appears to be easy. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. The technical details are unknown and an exploit is not available. The structure of the vulnerability defines a possible price range of USD $5k-$25k at the moment (estimation calculated on 05/01/2020). This vulnerability is assigned to T1499 by the MITRE ATT&CK project.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Productinfo

Type

• Firewall Software

Vendor

• F5

Name

• BIG-IP APM

Version

• 14.0.0
• 14.0.1
• 14.1.2.0
• 14.1.2.1
• 14.1.2.2
• 14.1.2.3
• 15.0.1.0
• 15.0.1.1
• 15.0.1.2

License

• commercial

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion