Resource exhaustion in F5 Networks Server applications

#VU13510 Resource exhaustion in F5 Networks Server applications

Published: 2018-06-28 | Updated: 2018-06-29

Vulnerability identifier: #VU13510

Vulnerability risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-5527

CWE-ID: CWE-400

Exploitation vector: Network

Exploit availability: No

Vendor: F5 Networks

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists in virtual servers configured with a Client SSL or Server SSL profile due to a flaw in the SSL Forward Proxy feature. A remote unauthenticated attacker can cause the target Traffic Management Microkernel (TMM) to consume excessive memory and cause performance degradation or a system reboot.

Mitigation
The vulnerability is fixed in the version 13.1.0.8.

Vulnerable software versions

BIG-IP LTM: 13.0.0 - 13.1.0

BIG-IP AAM: 13.0.0 - 13.1.0

BIG-IP AFM: 13.0.0 - 13.1.0

BIG-IP Analytics: 13.0.0 - 13.1.0

BIG-IP APM: 13.0.0 - 13.1.0

BIG-IP ASM: 13.0.0 - 13.1.0

BIG-IP DNS: 13.0.0 - 13.1.0

BIG-IP Edge Gateway: 13.0.0 - 13.1.0

BIG-IP GTM: 13.0.0 - 13.1.0

BIG-IP Link Controller: 13.0.0 - 13.1.0

BIG-IP PEM: 13.0.0 - 13.1.0

BIG-IP WebSafe: 13.0.0 - 13.1.0

BIG-IP WebAccelerator: 13.0.0 - 13.1.0

External links
http://support.f5.com/csp/article/K20134942

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in F5 BIG-IP