PT-2020-18782 · F5 · Big-Ip Virtual Edition

Published: 2020-04-30 · Updated: 2020-05-07 · CVE-2020-5881

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

BIG-IP Virtual Edition (VE) versions 13.1.0 through 13.1.3.3
BIG-IP Virtual Edition (VE) versions 14.1.0 through 14.1.2.3
BIG-IP Virtual Edition (VE) versions 15.0.0 through 15.1.0.1

Description

When the BIG-IP Virtual Edition (VE) is configured with VLAN groups and there are devices configured with OSPF connected to it, the Network Device Abstraction Layer (NDAL) Interfaces can lock up, disrupting the communication between the mcpd and tmm processes.

Recommendations

For versions 13.1.0 through 13.1.3.3, consider disabling the VLAN groups configuration as a temporary workaround until a patch is available.

For versions 14.1.0 through 14.1.2.3, restrict access to the NDAL Interfaces to minimize the risk of exploitation.

For versions 15.0.0 through 15.1.0.1, avoid using OSPF with devices connected to the BIG-IP Virtual Edition (VE) until the issue is resolved.

Fix


Related Identifiers

CVE-2020-5881

Affected Products

Big-Ip Virtual Edition