{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T08:39:57.475","vulnerabilities":[{"cve":{"id":"CVE-2020-5916","sourceIdentifier":"f5sirt@f5.com","published":"2020-08-26T15:15:13.210","lastModified":"2024-11-21T05:34:49.353","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In BIG-IP versions 15.1.0-15.1.0.4 and 15.0.0-15.0.1.3 the Certificate Administrator user role and higher privileged roles can perform arbitrary file reads outside of the web root directory."},{"lang":"es","value":"En BIG-IP versiones 15.1.0-15.1.0.4 y 15.0.0-15.0.1.3, el rol de usuario Certificate Administrator y roles mas privilegiados pueden llevar a cabo lecturas de archivos arbitrarias fuera del directorio root web"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"E9170095-A9BB-4D24-9925-39256D7CE2C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"8BE97C4B-EAF8-4454-8912-DFE2BFB3E15E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"5B59E16D-7645-492A-9C1D-A8724FFCA28F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"91FA2E18-1602-402A-87EA-231A8C61CC61"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"92F370C2-3C5A-416D-83C1-A4F84866E958"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"6439340B-3E7E-4895-B261-875D999AA695"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"997D12F1-098D-4C42-A6A2-B4F59AC78F0F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"D54A63E0-A445-4674-B6B8-BEF946B71EFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"E6C4B56F-D022-4268-9D78-6E4D12AE9215"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"2785E847-1627-4DD7-8361-6D3715A7ED5E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"62F2CBB9-C4FE-4065-8F13-E677E572F4B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"F4FCDB52-F7D2-41BF-8B60-59FEBA9C05DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"EAFC0D83-7F64-44F2-A014-37DE3CAF846A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"65F3F502-8DD7-4360-9954-3E6B245478F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"920BC3DD-A1D4-403B-83D2-00636C20FFC0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"A9CA2DAE-5D37-4D5D-8CD9-B20F152C3A46"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"49C8BE4A-DED6-451A-B6EE-AC95DD26F85A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"A77E2903-63E6-40ED-8BA5-C239A5C4257C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"DEC0E30F-6550-4BC9-8DA7-6BD495DBF415"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"0C4497A7-F6EC-4FBB-A2A6-44D26946A996"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"D5D90F4A-FA2A-412F-8591-D1CA6399ECAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"3A04B2EA-9BCA-4756-B867-D728218B78C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"BAD2867D-D646-4B01-A383-6A47B51D059E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"9E45D995-6842-4C71-96CD-D7974F125506"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.1.4","matchCriteriaId":"4F54A8AE-61F3-4F43-82BF-55842B56064A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.0.5","matchCriteriaId":"B421699A-DA88-4E2D-B7EB-A2B7F0540079"}]}]}],"references":[{"url":"https://support.f5.com/csp/article/K29923912","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"https://support.f5.com/csp/article/K29923912","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}