VDB
CVE-2020-5908
CVE-2020-5908
PUBLISHED
CVSS 5.5 MEDIUM
In versions bundled with BIG-IP APM 12.1.0-12.1.5 and 11.6.1-11.6.5.2, Edge Client for Linux exposes full session ID in the local log files.
EPSS 0.09% · 25.6th percentile
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.09%
25.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| f5 | big-ip_access_policy_manager | 11.6.1, 12.1.0 |
| n/a | Edge Client for Linux | * |
Exploit Intelligence
- https://support.f5.com/csp/article/K33023560 (circl)
- VU#290915 (circl)
Timeline
- Jul 1, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://support.f5.com/csp/article/K33023560 url
- VU#290915 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-5908 advisory