CVE-2020-5929
MEDIUMBIG-IP <13.0.0 HF2, <12.1.2 HF1, <11.6.2 - SSL/TLS Handshake
Title source: llmDescription
In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle. Similar error messages when PMS starts with 0 byte coupled with very precise timing measurement observation may also expose this vulnerability.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.f5.com/csp/article/K91158923
Scores
CVSS v3
5.9
EPSS
0.0067
EPSS Percentile
71.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-203
Status
published
Products (29)
f5/big-ip_access_policy_manager
11.6.2
f5/big-ip_access_policy_manager
12.1.2 (2 CPE variants)
f5/big-ip_access_policy_manager
13.0.0 (3 CPE variants)
f5/big-ip_access_policy_manager
11.6.1 - 11.6.2
f5/big-ip_advanced_firewall_manager
11.6.2
f5/big-ip_advanced_firewall_manager
12.1.2 (2 CPE variants)
f5/big-ip_advanced_firewall_manager
13.0.0 (3 CPE variants)
f5/big-ip_advanced_firewall_manager
11.6.1 - 11.6.2
f5/big-ip_advanced_web_application_firewall
11.6.2
f5/big-ip_advanced_web_application_firewall
12.1.2 (2 CPE variants)
... and 19 more
Published
Sep 25, 2020
Tracked Since
Feb 18, 2026