Main Vulnerability Database SB2020011416

SB2020011416 - Incorrect integrity check in BIG-IP TMM

Published: January 14, 2020

Security Bulletin ID SB2020011416

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Improper validation of integrity check value (CVE-ID: CVE-2020-5851)

CWE-ID: CWE-354 - Improper Validation of Integrity Check Value

CVSSv4: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows an attacker to hide malicious activity.

The Trusted Platform Module (TPM) on the BIG-IP iSeries platforms (i850, i2000, i4000, i5000, i7000, i10000, i11000, i15000) and the VIPRION B4450 blades fails to function properly and is unable to detect any potential security compromise of the affected systems.

Remediation

Install update from vendor's website.

References

https://support.f5.com/csp/article/K91171450