{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T17:06:01.651","vulnerabilities":[{"cve":{"id":"CVE-2020-5873","sourceIdentifier":"f5sirt@f5.com","published":"2020-04-30T21:15:16.510","lastModified":"2026-06-17T03:22:22.400","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ 5.2.0-7.1.0, a user associated with the Resource Administrator role who has access to the secure copy (scp) utility but does not have access to Advanced Shell (bash) can execute arbitrary commands using a maliciously crafted scp request."},{"lang":"es","value":"En BIG-IP versiones 15.0.0 hasta 15.0.1, 14.1.0 hasta 14.1.2.3, 13.1.0 hasta 13.1.3.1, 12.1.0 hasta 12.1.5 y 11.6.1 hasta 11.6.5 y BIG-IQ versiones 5.2.0 hasta 7.1.0, un usuario asociado con el rol de Administrador de Recursos que posee acceso a la utilidad secure copy (scp) pero no posee acceso a Advanced Shell (bash) puede ejecutar comandos arbitrarios usando una peticiĆ³n de scp creada con fines maliciosos."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"n/a","product":"BIG-IP","versions":[{"version":"15.0.0-15.0.1","status":"affected"},{"version":"14.1.0-14.1.2.3","status":"affected"},{"version":"13.1.0-13.1.3.1","status":"affected"},{"version":"12.1.0-12.1.5","status":"affected"},{"version":"11.6.1-11.6.5","status":"affected"}]},{"vendor":"n/a","product":"BIG-IQ","versions":[{"version":"5.2.0-7.1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.1","versionEndIncluding":"11.6.5","matchCriteriaId":"2FBA9552-4645-4BFF-91A4-47B6A3414325"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.5","matchCriteriaId":"6C3B5688-0235-4D4F-A26C-440FF24A1B43"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndIncluding":"13.1.3.1","matchCriteriaId":"C7174510-CC8F-4F4D-9706-C7CBB99D7172"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"07FC84CA-3E12-43FB-ADBD-7B988DEF3A97"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1","matchCriteriaId":"D6A53E3C-3E09-4100-8D5A-10AD4973C230"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2.0","versionEndIncluding":"5.4.0","matchCriteriaId":"14A4E46D-F0DB-4201-9102-EC89FACBE780"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.1.0","matchCriteriaId":"F37D18F2-8C6A-4557-85DC-2A751595423C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.1.0","matchCriteriaId":"C88B0206-093A-4A18-8322-A1CD1D4ACF2A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.1","versionEndIncluding":"11.6.5","matchCriteriaId":"61D1B91F-8672-4947-AF9A-F635679D0FB7"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.5","matchCriteriaId":"151ED6D1-AA85-4213-8F3A-8167CBEC4721"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndIncluding":"13.1.3.1","matchCriteriaId":"F2BFAF3E-5E01-4EBF-AC8C-92DDFF38EB8F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"5BEE162F-A016-4EDB-A7D1-1F87945EED3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1","matchCriteriaId":"FCAE28C2-0ADD-4FD0-A520-EFB764164DD8"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.1","versionEndIncluding":"11.6.5","matchCriteriaId":"C3787453-ECE9-4958-8FD8-8A43A9F86077"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.5","matchCriteriaId":"5D5AA99B-08E7-4959-A3B4-41AA527B4B22"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndIncluding":"13.1.3.1","matchCriteriaId":"88FFA413-C798-4FB6-AA37-1BDD1C11DD06"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"7F553CD8-01FF-4616-A32C-4F4B5844A6FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1","matchCriteriaId":"36A213C6-D6E4-4F38-989D-81D3DFC11829"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.1","versionEndIncluding":"11.6.5","matchCriteriaId":"05ED802A-A8A0-4E96-AB45-811A98AA11C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.5","matchCriteriaId":"9DC86A5F-C793-4848-901F-04BFB57A07F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndIncluding":"13.1.3.1","matchCriteriaId":"C13DFF4A-CD7C-4B9A-AD90-79E29FC1D117"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"547D6BFB-5DE8-4027-88EF-0349400494D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1","matchCriteriaId":"59D9F39B-206B-4E76-A811-1CAA705A60EE"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.1","versionEndIncluding":"11.6.5","matchCriteriaId":"B15992E6-85B6-4E62-A284-FE4B78F5F373"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.5","matchCriteriaId":"2E5552A3-91CD-4B97-AD33-4F1FB4C8827A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndIncluding":"13.1.3.1","matchCriteriaId":"241F94B5-C01C-4F62-85D9-EAC3C71845BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"7881BC1C-1B10-43D4-AD4A-545D7C7C4160"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1","matchCriteriaId":"70099A38-3B84-4C40-8590-BE6C8F7C21A7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.1","versionEndIncluding":"11.6.5","matchCriteriaId":"8376922B-0D04-4E5D-BADE-0D6AC23A4696"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.5","matchCriteriaId":"55C2EC23-E78F-4447-BACF-21FC36ABF155"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndIncluding":"13.1.3.1","matchCriteriaId":"09B194A3-5261-4063-9E02-19855CCD8A90"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"17DCA2C1-FD7A-430F-AD7C-4AB2DF7E233E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1","matchCriteriaId":"1DE40473-ABAE-4D91-8EBB-FB5719E107F6"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.1","versionEndIncluding":"11.6.5","matchCriteriaId":"0471086D-B70E-4B87-862E-01FB99B0D5D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.5","matchCriteriaId":"945A19E8-51EB-42FE-9BF1-12DAC78B5286"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndIncluding":"13.1.3.1","matchCriteriaId":"48A3DFA8-2DB0-4F65-AE6F-BB02CF42EE7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"F6DFBD76-20DB-497D-B407-1EAA5555B49F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1","matchCriteriaId":"18B5A918-F9AA-4889-94A7-33E6E54CF383"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.1","versionEndIncluding":"11.6.5","matchCriteriaId":"CD3D5803-35A0-4FF7-9AD3-E345C53A18FC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.5","matchCriteriaId":"EB5007D0-BBDB-4D74-9C88-98FBA74757D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndIncluding":"13.1.3.1","matchCriteriaId":"FBE0191C-ABA8-4FBE-99FE-D8DD9ABCA57D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"64B21CD4-4D50-45EC-8297-D54A1BBC6521"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1","matchCriteriaId":"EF606356-8191-478D-AF60-D48A408CD9ED"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.1","versionEndIncluding":"11.6.5","matchCriteriaId":"E20DFBD1-5469-4330-81B1-078D6487C01D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.5","matchCriteriaId":"B7725810-66D2-4460-A174-9F3BFAD966F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndIncluding":"13.1.3.1","matchCriteriaId":"FC6FB035-B2F6-452B-A407-85535B07D897"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"DA369F2E-2E17-4BEA-B894-14656D977B93"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1","matchCriteriaId":"FA3E37E6-64B9-4668-AC01-933711E1C934"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.1","versionEndIncluding":"11.6.5","matchCriteriaId":"F92F2449-8A6E-431E-8CB1-5255D2464B31"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.5","matchCriteriaId":"EFD760FE-4347-4D36-B5C6-4009398060F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndIncluding":"13.1.3.1","matchCriteriaId":"76D757F4-B333-4EFB-87CE-1F14BD1B1734"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"7E0B6F31-DC75-49C9-9E59-EF1CD68B1B3D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1","matchCriteriaId":"8CCD3CF9-EA9D-43FF-8ADA-713B4B5C468E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.1","versionEndIncluding":"11.6.5","matchCriteriaId":"53F940F3-6CF4-48C8-BFBF-4FE9B3A26D31"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.5","matchCriteriaId":"65B76F53-7D8B-477E-8B6E-91AC0A9009FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndIncluding":"13.1.3.1","matchCriteriaId":"1886D50C-6B79-4A7F-887B-08093F0C4894"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"8D806FBF-8E6D-412C-B547-92AD9294B639"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1","matchCriteriaId":"EC6612AB-E46B-4A8B-9B3E-C711D8C27962"}]}]}],"references":[{"url":"https://support.f5.com/csp/article/K03585731","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"https://support.f5.com/csp/article/K03585731","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}