Multiple vulnerabilities in F5 BIG-IP
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 10 |
| CVE-ID | CVE-2018-5510 CVE-2017-6155 CVE-2018-5515 CVE-2018-5519 CVE-2018-5518 CVE-2018-5520 CVE-2018-5516 CVE-2018-5512 CVE-2018-5514 CVE-2018-5517 |
| CWE-ID | CWE-404 CWE-287 CWE-284 CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
BIG-IP Analytics Hardware solutions / Security hardware applicances BIG-IP LTM Hardware solutions / Security hardware applicances BIG-IP AFM Hardware solutions / Security hardware applicances BIG-IP APM Hardware solutions / Security hardware applicances BIG-IP ASM Hardware solutions / Security hardware applicances BIG-IP GTM Hardware solutions / Security hardware applicances BIG-IP PEM Hardware solutions / Security hardware applicances BIG-IP PSM Hardware solutions / Security hardware applicances BIG-IP AAM Hardware solutions / Routers & switches, VoIP, GSM, etc BIG-IP DNS Hardware solutions / Routers & switches, VoIP, GSM, etc BIG-IP Edge Gateway Hardware solutions / Routers & switches, VoIP, GSM, etc BIG-IP WebAccelerator Hardware solutions / Routers & switches, VoIP, GSM, etc BIG-IP Link Controller Hardware solutions / Routers & switches, VoIP, GSM, etc BIG-IP WebSafe Server applications / Server solutions for antivurus protection |
| Vendor | F5 Networks |
Security Bulletin
This security bulletin contains information about 10 vulnerabilities.
1) Improper resource shutdown
EUVDB-ID: #VU12295
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-5510
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the Traffic Management Microkernel due to improper resource shutdown when processing a specific sequence of packets on IPv6 virtual servers. A remote attacker can cause the service to crash.
Update to version 11.5.6.
Vulnerable software versionsBIG-IP Analytics: 11.5.4 HF4 - 11.5.5
BIG-IP LTM: 11.5.4 HF4 - 11.5.5
BIG-IP AAM: 11.5.4 HF4 - 11.5.5
BIG-IP AFM: 11.5.4 HF4 - 11.5.5
BIG-IP APM: 11.5.4 HF4 - 11.5.5
BIG-IP ASM: 11.5.4 HF4 - 11.5.5
BIG-IP DNS: 11.5.4 HF4 - 11.5.5
BIG-IP Edge Gateway: 11.5.4 HF4 - 11.5.5
BIG-IP GTM: 11.5.4 HF4 - 11.5.5
BIG-IP PEM: 11.5.4 HF4 - 11.5.5
BIG-IP WebAccelerator: 11.5.4 HF4 - 11.5.5
BIG-IP WebSafe: 11.5.4 HF4 - 11.5.5
CPE2.3- cpe:2.3:h:f5_networks:big-ip_analytics:11.5.4 HF4:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_analytics:11.5.5:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:11.5.4 HF4:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:11.5.5:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.5.4:HF4:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.5.5:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.5.4:HF4:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.5.5:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm:11.5.4:HF4:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm:11.5.5:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_asm:11.5.4 HF4:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_dns:11.5.4:HF4:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_edge_gateway:11.5.4 HF4:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_gtm:11.5.4 HF4:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_pem:11.5.4 HF4:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_webaccelerator:11.5.4 HF4:*:*:*:*:*:*:*
- cpe:2.3:a:f5_networks:big-ip_websafe:11.5.4 HF4:*:*:*:*:*:*:*
https://support.f5.com/csp/article/K77671456
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper resource shutdown
EUVDB-ID: #VU12319
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-6155
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to improper resource shutdown. A remote attacker can submit malformed SPDY or HTTP/2 requests and cause the service to crash.
Update to version 13.1.0, 13.0.1, 12.1.3.1, 11.6.3 or 11.5.6.
Vulnerable software versionsBIG-IP LTM: 11.2.1 - 13.0.0
BIG-IP AAM: 11.2.1 - 13.0.0
BIG-IP AFM: 11.2.1 - 13.0.0
BIG-IP APM: 11.2.1 - 13.0.0
BIG-IP ASM: 11.2.1 - 13.0.0
BIG-IP Edge Gateway: 11.2.1 - 13.0.0
BIG-IP Link Controller: 11.2.1 - 13.0.0
BIG-IP PEM: 11.2.1 - 13.0.0
BIG-IP PSM: 11.2.1 - 13.0.0
BIG-IP WebAccelerator: 11.2.1 - 13.0.0
BIG-IP WebSafe: 11.2.1 - 13.0.0
CPE2.3- cpe:2.3:h:f5_networks:big-ip_ltm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.5.2:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_asm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_pem:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_psm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5_networks:big-ip_websafe:11.2.1:*:*:*:*:*:*:*
https://support.f5.com/csp/article/K10930474
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper authentication
EUVDB-ID: #VU12329
Risk: Medium
CVSSv4.0: 5.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Green]
CVE-ID: CVE-2018-5515
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The weakness exists in the target Traffic Management Microkernel (TMM) component due to a remote IPv6 RADIUS server can return a specially crafted authentication response. A remote attacker can cause the service to crash.
Update to version 13.1.0.6.
Vulnerable software versionsBIG-IP LTM: 13.0.0 - 13.1.0
BIG-IP AAM: 13.0.0 - 13.1.0
BIG-IP AFM: 13.0.0 - 13.1.0
BIG-IP Analytics: 13.0.0 - 13.1.0
BIG-IP APM: 13.0.0 - 13.1.0
BIG-IP ASM: 13.0.0 - 13.1.0
BIG-IP DNS: 13.0.0 - 13.1.0
BIG-IP Edge Gateway: 13.0.0 - 13.1.0
BIG-IP GTM: 13.0.0 - 13.1.0
BIG-IP Link Controller: 13.0.0 - 13.1.0
BIG-IP PEM: 13.0.0 - 13.1.0
BIG-IP WebAccelerator: 13.0.0 - 13.1.0
BIG-IP WebSafe: 13.0.0 - 13.1.0
CPE2.3- cpe:2.3:h:f5_networks:big-ip_ltm:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:13.0.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:13.0.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:13.0.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_analytics:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_asm:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_dns:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_gtm:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_pem:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_webaccelerator:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5_networks:big-ip_websafe:13.0.0:*:*:*:*:*:*:*
https://support.f5.com/csp/article/K62750376
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper access control
EUVDB-ID: #VU12330
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-5519
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to write arbitrary files on the target system.
The weakness exists in the slldump utility due to improper access control. A remote attacker can write to arbitrary file paths.
Update to version 12.1.3.4 or 13.1.0.6.
Vulnerable software versionsBIG-IP LTM: 11.2.1 - 13.1.0
BIG-IP AAM: 11.2.1 - 13.1.0
BIG-IP AFM: 11.2.1 - 13.1.0
BIG-IP Analytics: 11.2.1 - 13.1.0
BIG-IP APM: 11.2.1 - 13.1.0
BIG-IP ASM: 11.2.1 - 13.1.0
BIG-IP DNS: 11.2.1 - 13.1.0
BIG-IP Edge Gateway: 11.2.1 - 13.1.0
BIG-IP GTM: 11.2.1 - 13.1.0
BIG-IP Link Controller: 11.2.1 - 13.1.0
BIG-IP PEM: 11.2.1 - 13.1.0
BIG-IP WebAccelerator: 11.2.1 - 13.1.0
BIG-IP WebSafe: 11.2.1 - 13.1.0
CPE2.3- cpe:2.3:h:f5_networks:big-ip_ltm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:11.4.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:11.5.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.4.0:HF4:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.4.0:HF6:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.4.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.5.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_analytics:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_asm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_dns:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_gtm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_pem:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5_networks:big-ip_websafe:11.2.1:*:*:*:*:*:*:*
https://support.f5.com/csp/article/K46121888
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper access control
EUVDB-ID: #VU12331
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-5518
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to cause DoS condition on the target system.
The weakness exists in the vcmpd process due to improper access control. An adjacent attacker can cause the service to crash.
Update to version 12.1.3.4 or 13.1.0.6.
Vulnerable software versionsBIG-IP LTM: 12.0.0 HF1 - 13.1.0
BIG-IP AAM: 12.0.0 HF1 - 13.1.0
BIG-IP AFM: 12.0.0 HF1 - 13.1.0
BIG-IP Analytics: 12.0.0 HF1 - 13.1.0
BIG-IP APM: 12.0 HF1 - 13.1.0
BIG-IP ASM: 12.0.0 HF1 - 13.1.0
BIG-IP DNS: 12.0.0 HF1 - 13.1.0
BIG-IP Edge Gateway: 12.0.0 - 13.1.0
BIG-IP GTM: 12.0.0 - 13.1.0
BIG-IP Link Controller: 12.0.0 HF1 - 13.1.0
BIG-IP PEM: 12.0.0 HF1 - 13.1.0
BIG-IP WebAccelerator: 12.0.0 - 13.1.0
BIG-IP WebSafe: 12.0.0 HF3 - 13.1.0
CPE2.3- cpe:2.3:h:f5_networks:big-ip_ltm:12.0.0 HF1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:12.0.0 HF3:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:12.0.0 HF4:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:12.0.0:HF1:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:12.0.0:HF3:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:12.0.0:HF4:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:12.0.0:HF1:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:12.0.0:HF3:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:12.0.0:HF4:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_analytics:12.0.0 HF1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm:12.0:HF1:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_asm:12.0.0 HF1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_dns:12.0.0:HF1:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_edge_gateway:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_gtm:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_link_controller:12.0.0 HF1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_pem:12.0.0 HF1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_webaccelerator:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5_networks:big-ip_websafe:12.0.0 HF3:*:*:*:*:*:*:*
https://support.f5.com/csp/article/K03165684
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Information disclosure
EUVDB-ID: #VU12332
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-5520
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.
The weakness exists in the TMOS Shell (tmsh) due to improper information control. A remote attacker can gain access to potentially sensitive information via the dig utility.
Update to version 12.1.3.2 or 13.1.0.6.
Vulnerable software versionsBIG-IP LTM: 11.2.1 - 13.1.0
BIG-IP AAM: 11.2.1 - 13.1.0
BIG-IP AFM: 11.2.1 - 13.1.0
BIG-IP Analytics: 11.2.1 - 13.1.0
BIG-IP APM: 11.2.1 - 13.1.0
BIG-IP ASM: 11.2.1 - 13.1.0
BIG-IP DNS: 11.2.1 - 13.1.0
BIG-IP Edge Gateway: 11.2.1 - 13.1.0
BIG-IP GTM: 11.2.1 - 13.1.0
BIG-IP Link Controller: 11.2.1 - 13.1.0
BIG-IP PEM: 11.2.1 - 13.1.0
BIG-IP WebAccelerator: 11.2.1 - 13.1.0
BIG-IP WebSafe: 11.2.1 - 13.1.0
CPE2.3- cpe:2.3:h:f5_networks:big-ip_ltm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:11.4.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:11.5.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.4.0:HF4:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.4.0:HF6:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.4.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.5.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_analytics:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_asm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_dns:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_gtm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_pem:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5_networks:big-ip_websafe:11.2.1:*:*:*:*:*:*:*
https://support.f5.com/csp/article/K02043709
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Information disclosure
EUVDB-ID: #VU12333
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-5516
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.
The weakness exists in the TMOS Shell (tmsh) due to improper information control. A remote attacker can bypass tmsh restrictions and gain access to potentially sensitive information.
Update to version 12.1.3 or 13.1.0.6.
Vulnerable software versionsBIG-IP LTM: 11.2.1 - 13.1.0
BIG-IP AAM: 11.2.1 - 13.1.0
BIG-IP AFM: 11.2.1 - 13.1.0
BIG-IP Analytics: 11.2.1 - 13.1.0
BIG-IP APM: 11.2.1 - 13.1.0
BIG-IP ASM: 11.2.1 - 13.1.0
BIG-IP DNS: 11.2.1 - 13.1.0
BIG-IP Edge Gateway: 11.2.1 - 13.1.0
BIG-IP GTM: 11.2.1 - 13.1.0
BIG-IP Link Controller: 11.2.1 - 13.1.0
BIG-IP PEM: 11.2.1 - 13.1.0
BIG-IP WebAccelerator: 11.2.1 - 13.1.0
BIG-IP WebSafe: 11.2.1 - 13.1.0
CPE2.3- cpe:2.3:h:f5_networks:big-ip_ltm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:11.4.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_ltm:11.5.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.4.0:HF4:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:11.4.0:HF6:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.4.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:11.5.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_analytics:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_asm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_dns:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_gtm:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_pem:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5_networks:big-ip_websafe:11.2.1:*:*:*:*:*:*:*
https://support.f5.com/csp/article/K37442533
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper resource shutdown
EUVDB-ID: #VU12334
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-5512
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the target Traffic Management Microkernel (TMM) component due to improper resource shutdown. A remote attacker can send specially crafted traffic and cause the service to crash.
Update to version 13.1.0.6.
Vulnerable software versionsBIG-IP LTM: 13.1.0
BIG-IP AAM: 13.1.0
BIG-IP AFM: 13.1.0
BIG-IP Analytics: 13.1.0
BIG-IP APM: 13.1.0
BIG-IP ASM: 13.1.0
BIG-IP DNS: 13.1.0
BIG-IP Edge Gateway: 13.1.0
BIG-IP GTM: 13.1.0
BIG-IP Link Controller: 13.1.0
BIG-IP PEM: 13.1.0
BIG-IP WebAccelerator: 13.1.0
BIG-IP WebSafe: 13.1.0
CPE2.3- cpe:2.3:h:f5_networks:big-ip_ltm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_analytics:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_asm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_dns:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_edge_gateway:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_gtm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_link_controller:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_pem:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_webaccelerator:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5_networks:big-ip_websafe:13.1.0:*:*:*:*:*:*:*
https://support.f5.com/csp/article/K51754851
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper resource shutdown
EUVDB-ID: #VU12335
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-5514
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the target Traffic Management Microkernel (TMM) component due to improper resource shutdown. A remote attacker can send specially crafted HTTP/2 request frames and cause the service to crash.
Update to version 13.1.0.6.
Vulnerable software versionsBIG-IP LTM: 13.1.0
BIG-IP AAM: 13.1.0
BIG-IP AFM: 13.1.0
BIG-IP Analytics: 13.1.0
BIG-IP APM: 13.1.0
BIG-IP ASM: 13.1.0
BIG-IP DNS: 13.1.0
BIG-IP Edge Gateway: 13.1.0
BIG-IP GTM: 13.1.0
BIG-IP Link Controller: 13.1.0
BIG-IP PEM: 13.1.0
BIG-IP WebAccelerator: 13.1.0
BIG-IP WebSafe: 13.1.0
CPE2.3- cpe:2.3:h:f5_networks:big-ip_ltm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_analytics:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_asm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_dns:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_edge_gateway:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_gtm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_link_controller:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_pem:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_webaccelerator:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5_networks:big-ip_websafe:13.1.0:*:*:*:*:*:*:*
https://support.f5.com/csp/article/K45320419
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper resource shutdown
EUVDB-ID: #VU12336
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-5517
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the target Traffic Management Microkernel (TMM) component due to improper resource shutdown. A remote attacker can send specially crafted TCP packets to the target self IP address or FastL4 virtual server and cause the service to crash.
Update to version 13.1.0.6.
Vulnerable software versionsBIG-IP LTM: 13.1.0
BIG-IP AAM: 13.1.0
BIG-IP AFM: 13.1.0
BIG-IP Analytics: 13.1.0
BIG-IP APM: 13.1.0
BIG-IP ASM: 13.1.0
BIG-IP DNS: 13.1.0
BIG-IP Edge Gateway: 13.1.0
BIG-IP GTM: 13.1.0
BIG-IP Link Controller: 13.1.0
BIG-IP PEM: 13.1.0
BIG-IP WebAccelerator: 13.1.0
BIG-IP WebSafe: 13.1.0
CPE2.3- cpe:2.3:h:f5_networks:big-ip_ltm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_aam:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_afm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_analytics:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_asm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_dns:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_edge_gateway:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_gtm:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_link_controller:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_pem:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_webaccelerator:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5_networks:big-ip_websafe:13.1.0:*:*:*:*:*:*:*
https://support.f5.com/csp/article/K25573437
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
