CVE-2020-5921
HIGHBIG-IP <15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4...
Title source: llmDescription
in BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, Syn flood causes large number of MCPD context messages destined to secondary blades consuming memory leading to MCPD failure. This issue affects only VIPRION hosts with two or more blades installed. Single-blade VIPRION hosts are not affected.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.f5.com/csp/article/K00103216
Scores
CVSS v3
7.5
EPSS
0.0065
EPSS Percentile
71.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (11)
f5/big-ip_access_policy_manager
12.1.0 - 12.1.5.2
f5/big-ip_advanced_firewall_manager
12.1.0 - 12.1.5.2
f5/big-ip_analytics
12.1.0 - 12.1.5.2
f5/big-ip_application_acceleration_manager
12.1.0 - 12.1.5.2
f5/big-ip_application_security_manager
12.1.0 - 12.1.5.2
f5/big-ip_domain_name_system
12.1.0 - 12.1.5.2
f5/big-ip_fraud_protection_service
12.1.0 - 12.1.5.2
f5/big-ip_global_traffic_manager
12.1.0 - 12.1.5.2
f5/big-ip_link_controller
12.1.0 - 12.1.5.2
f5/big-ip_local_traffic_manager
12.1.0 - 12.1.5.2
... and 1 more
Published
Aug 26, 2020
Tracked Since
Feb 18, 2026