CVE-2020-5897
moderate-risk
Published 2020-05-12
In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Windows ActiveX component.
Do I need to act?
-
0.86% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10
High
NETWORK
/ LOW complexity
Affected Products (2)
Affected Vendors
References (2)
Vendor Advisory
https://support.f5.com/csp/article/K20346072
Vendor Advisory
https://support.f5.com/csp/article/K20346072
40
/ 100
moderate-risk
Severity
30/34 · Critical
Exploitability
3/34 · Minimal
Exposure
7/34 · Low