F5 BIG-IP - Remote Code Execution CVE-2020-5902
- CVSSv3 Score
- Vulnerability description
F5 BIG-IP server is affected by a Remote Code Execution vulnerability, located in the Traffic Management User Interface (TMUI) component, which is publicly accessible. The root cause of this vulnerability consists in a broken parser logic in the Tomcat endpoint. This allows an unauthenticated malicious attacker to access any file stored on the server or to execute arbitrary commands on the server.
- Risk description
The risk exists that a remote unauthenticated attacker can fully compromise the F5 BIG-IP server in order to steal confidential information, install ransomware or pivot to the internal network.
- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
Upgrade F5 BIG-IP server to the latest version or to a non-vulnerable version listed in K52145254.
- Not available