Rewterz Threat Advisory – CVE-2020-13671 – Drupal Core Critical Remote Code Execution Vulnerability
November 20, 2020Rewterz Threat Alert – Trickbot IOCs
November 23, 2020Rewterz Threat Advisory – CVE-2020-13671 – Drupal Core Critical Remote Code Execution Vulnerability
November 20, 2020Rewterz Threat Alert – Trickbot IOCs
November 23, 2020Severity
Medium
Analysis Summary
CVE-2020-5947
F5 BIG-IP could allow a remote authenticated attacker to bypass security restrictions, caused by the ability to obtain TCP sequence numbers. By spoofing TCP packets, an attacker could exploit this vulnerability to perform TCP sequence prediction attack.
Impact
Security bypass
Affected Vendors
F5
Affected Products
- F5 BIG-IP 15.0.0
- F5 BIG-IP 16.0.0
- F5 BIG-IP 15.1.1
Remediation
Refer to F5 Security Advisory K64571774 for patch, upgrade or suggested workaround information.