CVE-2020-5914: Exploit Details and Defense Strategies

Learn about CVE-2020-5914, a DoS vulnerability in BIG-IP ASM versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1. Find out the impact, affected systems, and mitigation steps.

In BIG-IP ASM versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, an undisclosed server cookie scenario may cause BD to restart under certain circumstances.

Understanding CVE-2020-5914

This CVE involves a Denial of Service (DoS) vulnerability in BIG-IP ASM.

What is CVE-2020-5914?

CVE-2020-5914 is a vulnerability in the affected BIG-IP ASM versions that could lead to a Denial of Service due to an undisclosed server cookie scenario.

The Impact of CVE-2020-5914

The vulnerability could result in a Denial of Service condition, potentially disrupting services and causing system instability.

Technical Details of CVE-2020-5914

This section provides more technical insights into the vulnerability.

Vulnerability Description

In the affected BIG-IP ASM versions, an undisclosed server cookie scenario can trigger a Denial of Service.

Affected Systems and Versions

        BIG-IP ASM versions 15.1.0-15.1.0.4
        BIG-IP ASM versions 15.0.0-15.0.1.3
        BIG-IP ASM versions 14.1.0-14.1.2.3
        BIG-IP ASM versions 13.1.0-13.1.3.3
        BIG-IP ASM versions 12.1.0-12.1.5.1
        BIG-IP ASM versions 11.6.1-11.6.5.1
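
To check a device inventory against the ranges listed above, the following added example (not vendor or site code) compares version strings numerically. The "host,version" inventory format, the hostnames and the function names are constructed for illustration.

```python
# Added example. Assumes every inventory line is a BIG-IP device with ASM provisioned.
AFFECTED_RANGES = [  # inclusive (first, last) pairs, copied from the list above
    ("15.1.0", "15.1.0.4"),
    ("15.0.0", "15.0.1.3"),
    ("14.1.0", "14.1.2.3"),
    ("13.1.0", "13.1.3.3"),
    ("12.1.0", "12.1.5.1"),
    ("11.6.1", "11.6.5.1"),
]

def parse_version(text, width=4):
    """Turn '15.1.0.4' into (15, 1, 0, 4); shorter versions are zero-padded."""
    parts = text.strip().split(".")
    if len(parts) > width or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (width - len(nums)))

def is_affected(version):
    """True if the version falls inside one of the listed ranges."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi)
               for lo, hi in AFFECTED_RANGES)

def audit(inventory_lines):
    """Return (affected_hosts, unparsed_hosts) from 'host,version' lines."""
    affected, unparsed = [], []
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _, version = line.partition(",")
        try:
            if is_affected(version):
                affected.append(host.strip())
        except ValueError:  # unknown version: flag for a manual check
            unparsed.append(host.strip())
    return affected, unparsed

SAMPLE_INVENTORY = """\
# host,version (constructed sample data)
waf-edge-01,15.1.0.4
waf-edge-02,15.1.0.5
waf-dc-01,14.1.2
waf-dc-02,11.6.0
waf-lab-01,13.1.3.3
waf-lab-02,unknown
""".splitlines()

if __name__ == "__main__":
    print(audit(SAMPLE_INVENTORY))
```

A version outside these ranges is only "not listed here"; confirm its status against the vendor advisory before treating the device as fixed.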

Exploitation Mechanism

The vulnerability can be exploited by manipulating server cookies, leading to a scenario that causes BD to restart unexpectedly.

Mitigation and Prevention

Protect your systems from CVE-2020-5914 with the following steps:

Immediate Steps to Take

        Apply vendor-supplied patches promptly.
        Monitor system logs for any unusual restart activities.
        Implement network-level controls to mitigate potential DoS attacks.

Long-Term Security Practices

        Regularly update and patch software to address known vulnerabilities.
        Conduct security assessments and audits to identify and remediate weaknesses.

Patching and Updates

        Stay informed about security advisories from the vendor.
        Keep systems up to date with the latest patches and security fixes.
