{"containers": {"cna": {"affected": [{"product": "BIG-IP 2000 series (C112), BIG-IP 4000 series (C113), BIG-IP i2000 series (C117), BIG-IP i4000 series (C115), BIG-IP Virtual Edition (VE)", "vendor": "n/a", "versions": [{"status": "affected", "version": "16.0.0-16.0.0.1"}, {"status": "affected", "version": "15.1.0-15.1.1"}]}], "descriptions": [{"lang": "en", "value": "In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. Only these platforms are affected: BIG-IP 2000 series (C112), BIG-IP 4000 series (C113), BIG-IP i2000 series (C117), BIG-IP i4000 series (C115), BIG-IP Virtual Edition (VE)."}], "problemTypes": [{"descriptions": [{"description": "TCP sequence prediction", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-19T00:14:19", "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K64571774"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "f5sirt@f5.com", "ID": "CVE-2020-5947", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "BIG-IP 2000 series (C112), BIG-IP 4000 series (C113), BIG-IP i2000 series (C117), BIG-IP i4000 series (C115), BIG-IP Virtual Edition (VE)", "version": {"version_data": [{"version_value": "16.0.0-16.0.0.1"}, {"version_value": "15.1.0-15.1.1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. Only these platforms are affected: BIG-IP 2000 series (C112), BIG-IP 4000 series (C113), BIG-IP i2000 series (C117), BIG-IP i4000 series (C115), BIG-IP Virtual Edition (VE)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "TCP sequence prediction"}]}]}, "references": {"reference_data": [{"name": "https://support.f5.com/csp/article/K64571774", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K64571774"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T08:47:40.986Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.f5.com/csp/article/K64571774"}]}]}, "cveMetadata": {"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "assignerShortName": "f5", "cveId": "CVE-2020-5947", "datePublished": "2020-11-19T00:14:19", "dateReserved": "2020-01-06T00:00:00", "dateUpdated": "2024-08-04T08:47:40.986Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5AC29EF0-7E85-4BB1-A183-D03FC53868ED", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F3F98DD-C142-4030-AD11-A3129D5FFEA9", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "DD50CF60-A880-4495-AD3F-9A5C744506AF", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1247022A-F95F-4DF6-87AC-2E6757B01DC3", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "286DABB7-9C44-4050-AB2E-C4B4EAE2EEFD", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7034BE5-23A6-47FA-9D80-3F3CF29DA2B5", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "69C1B709-03E8-4371-8EC4-C13BF134B6F6", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "F491CF7C-EC9A-4413-9B84-459FE83E0AF5", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "217C0D97-5942-4609-BC5D-0D8D145E2436", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D54A135F-CD1E-41AD-82C3-F15A21AA87BE", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F20E2679-A1C0-4925-9284-DBA57F40C41C", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C3B360C4-C9E2-4889-ADD5-3482E69BA8E7", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC2FA5AD-6375-48C4-B602-E3BD464BF9FF", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "3448CBCB-D42E-4DAA-A52F-4225B2EB022A", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "363C0C5C-A8EE-4BF9-92E3-506DA88D8CD3", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7466098-C689-4E4B-879F-0433A020FDBC", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DB39FC0-D2B4-4854-B49B-722A67F729E2", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "574397F4-0234-48D3-B024-D7963A41E21C", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7BFEB115-A4F3-4FA3-A838-CE91AB6888F1", "versionEndIncluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB7047B3-A248-424C-98D8-A0DD99A86F50", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "315AB5D6-FC37-44F5-989F-33FA4EC4654F", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "15439AAC-1535-4087-9170-C885716736F4", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AECF3150-98BD-4F39-84D9-584E36B357CB", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F9D19B2-1D89-4917-A82E-289EDE52C68F", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C250F1A-D949-4389-B46B-25B63FBC167D", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0319299-FCCE-4B8F-8DB5-83AF0C3D68D5", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B9426CC-5EE8-4250-82DA-24A6004F1794", "versionEndExcluding": "15.1.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "37DB95DF-DAAE-4E11-9D91-A097A44176DB", "versionEndExcluding": "16.0.1", "versionStartIncluding": "16.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_virtual_edition:-:*:*:*:*:*:*:*", "matchCriteriaId": "5231D20F-5BCF-42BE-BA4B-A3705FE372FA", "vulnerable": false}, {"criteria": "cpe:2.3:h:f5:big-ip_2000:c112:*:*:*:*:*:*:*", "matchCriteriaId": "5C9C2CDC-1DBA-414A-BD24-5C80EF341D42", "vulnerable": false}, {"criteria": "cpe:2.3:h:f5:big-ip_4000:c113:*:*:*:*:*:*:*", "matchCriteriaId": "086D8EA0-55E3-4EA0-A511-A50E75150B1E", "vulnerable": false}, {"criteria": "cpe:2.3:h:f5:big-ip_i2000:c117:*:*:*:*:*:*:*", "matchCriteriaId": "E874EF24-9120-45FD-98B6-FA8414EECFA4", "vulnerable": false}, {"criteria": "cpe:2.3:h:f5:big-ip_i4000:c115:*:*:*:*:*:*:*", "matchCriteriaId": "431D46C5-4C56-425F-B919-0F3954EEBCD6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. Only these platforms are affected: BIG-IP 2000 series (C112), BIG-IP 4000 series (C113), BIG-IP i2000 series (C117), BIG-IP i4000 series (C115), BIG-IP Virtual Edition (VE)."}, {"lang": "es", "value": "En versiones 16.0.0-16.0.0.1 y 15.1.0-15.1.1, en plataformas BIG-IP espec\u00edficas, unos atacantes pueden obtener n\u00fameros de secuencia TCP del sistema BIG-IP que pueden ser reusadas en conexiones futuras con el mismo puerto de origen y destino y n\u00fameros IP. Solo estas plataformas est\u00e1n afectadas: serie BIG-IP 2000 (C112), serie BIG-IP 4000 (C113), serie BIG-IP i2000 (C117), serie BIG-IP i4000 (C115), BIG-IP Virtual Edition (VE)"}], "id": "CVE-2020-5947", "lastModified": "2024-11-21T05:34:53.050", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-19T01:15:12.593", "references": [{"source": "f5sirt@f5.com", "tags": ["Vendor Advisory"], "url": "https://support.f5.com/csp/article/K64571774"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.f5.com/csp/article/K64571774"}], "sourceIdentifier": "f5sirt@f5.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}