{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T17:41:54.774","vulnerabilities":[{"cve":{"id":"CVE-2020-5880","sourceIdentifier":"f5sirt@f5.com","published":"2020-04-30T21:15:16.933","lastModified":"2024-11-21T05:34:45.370","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server."},{"lang":"es","value":"En BIG-IP versiones 15.0.0 hasta 15.0.1.3 y 14.1.0 hasta 14.1.2.3, el proceso restjavad puede exponer una forma para que los atacantes carguen archivos arbitrarios en el sistema BIG-IP, omitiendo el sistema de autorizaciĆ³n. Los mensajes de error resultantes tambiĆ©n pueden revelar rutas internas del servidor."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:P","baseScore":5.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"07FC84CA-3E12-43FB-ADBD-7B988DEF3A97"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1.3","matchCriteriaId":"3A2FA3A9-89F3-4F39-B076-7FEF784D0329"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"5BEE162F-A016-4EDB-A7D1-1F87945EED3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1.3","matchCriteriaId":"C0CC481C-0956-4949-9C8C-450149C25C31"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"7F553CD8-01FF-4616-A32C-4F4B5844A6FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1.3","matchCriteriaId":"E5A62B79-8E47-48B0-B0CA-12307846B327"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"547D6BFB-5DE8-4027-88EF-0349400494D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1.3","matchCriteriaId":"931730C6-DAC7-46AA-8EC6-72BD3BD9B6F9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"7881BC1C-1B10-43D4-AD4A-545D7C7C4160"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1.3","matchCriteriaId":"51AD832B-5FAB-49CE-AF22-746BDD62E933"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"17DCA2C1-FD7A-430F-AD7C-4AB2DF7E233E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1.3","matchCriteriaId":"8A7AE865-9E4F-4133-BB02-184F093FE750"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"F6DFBD76-20DB-497D-B407-1EAA5555B49F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1.3","matchCriteriaId":"ECCA9286-C22B-4685-A0E0-A8A678920A16"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"64B21CD4-4D50-45EC-8297-D54A1BBC6521"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1.3","matchCriteriaId":"E1D606A9-5C88-4F67-91BE-CA553BF1ED7C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"DA369F2E-2E17-4BEA-B894-14656D977B93"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1.3","matchCriteriaId":"549D7EB5-C514-44CA-8760-7A464369048B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"7E0B6F31-DC75-49C9-9E59-EF1CD68B1B3D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1.3","matchCriteriaId":"FA41B182-C466-48E8-A45D-22E0444557F9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.2.3","matchCriteriaId":"8D806FBF-8E6D-412C-B547-92AD9294B639"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.0.1.3","matchCriteriaId":"19079FFF-32A8-4109-BFA8-787532451731"}]}]}],"references":[{"url":"https://support.f5.com/csp/article/K94325657","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"https://support.f5.com/csp/article/K94325657","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}