CVE-2020-5885 : What You Need to Know
Learn about CVE-2020-5885 affecting BIG-IP systems, allowing information disclosure when configured for connection mirroring. Find mitigation steps and patching details here.
A vulnerability in BIG-IP systems could lead to information disclosure when set up for connection mirroring in a high availability pair.
Understanding CVE-2020-5885
What is CVE-2020-5885?
CVE-2020-5885 is a control plane issue affecting BIG-IP systems configured for connection mirroring in a high availability (HA) pair.
The Impact of CVE-2020-5885
The vulnerability allows sensitive cryptographic objects to be transferred over an insecure communications channel, potentially leading to information disclosure.
Technical Details of CVE-2020-5885
Vulnerability Description
- BIG-IP systems on specific versions transfer sensitive data insecurely during connection mirroring.
Affected Systems and Versions
- Products: BIG-IP
- Versions: 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1
Exploitation Mechanism
- The issue arises in the network used for connection mirroring, exposing cryptographic objects to potential interception.
Mitigation and Prevention
Immediate Steps to Take
- Disable connection mirroring if not essential for operations.
- Implement network segmentation to isolate critical systems.
Long-Term Security Practices
- Regularly monitor and audit network traffic for anomalies.
- Keep systems updated with the latest security patches.
- Conduct security training for personnel handling sensitive data.
Patching and Updates
- Apply patches provided by F5 to address the vulnerability.