CVE-2018-5390

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

El kernel de Linux en versiones 4.9 y siguientes pueden forzarse a realizar llamadas muy caras a tcp_collapse_ofo_queue() y tcp_prune_ofo_queue() para cada paquete entrante, lo que puede conducir a una denegación de servicio.

A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses.

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-01-12 CVE Reserved
2018-08-06 CVE Published
2024-08-05 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption

CAPEC

References (45)

URL	Tag	Source
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt	Third Party Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181031-02-linux-en	Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/06/28/2	Mailing List
http://www.openwall.com/lists/oss-security/2019/07/06/3	Mailing List
http://www.openwall.com/lists/oss-security/2019/07/06/4	Mailing List
http://www.securityfocus.com/bid/104976	Third Party Advisory
http://www.securitytracker.com/id/1041424	Third Party Advisory
http://www.securitytracker.com/id/1041434	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf	Third Party Advisory
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html	Mailing List
https://security.netapp.com/advisory/ntap-20180815-0003	Third Party Advisory
https://support.f5.com/csp/article/K95343321	Third Party Advisory
https://support.f5.com/csp/article/K95343321?utm_source=f5support&amp%3Butm_medium=RSS	X_refsource_confirm
https://www.a10networks.com/support/security-advisories/tcp-ip-cve-2018-5390-segmentsmack	Mitigation
https://www.kb.cert.org/vuls/id/962459	Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html	Third Party Advisory
https://www.synology.com/support/security/Synology_SA_18_41	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=1a4f14bab1868b443f0dd3c55b689a478f82e72e	2023-11-07
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html	2023-11-07

URL	Date	SRC
https://access.redhat.com/errata/RHSA-2018:2384	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2395	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2402	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2403	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2645	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2776	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2785	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2789	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2790	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2791	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2924	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2933	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2948	2023-11-07
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-tcp	2023-11-07
https://usn.ubuntu.com/3732-1	2023-11-07
https://usn.ubuntu.com/3732-2	2023-11-07
https://usn.ubuntu.com/3741-1	2023-11-07
https://usn.ubuntu.com/3741-2	2023-11-07
https://usn.ubuntu.com/3742-1	2023-11-07
https://usn.ubuntu.com/3742-2	2023-11-07
https://usn.ubuntu.com/3763-1	2023-11-07
https://www.debian.org/security/2018/dsa-4266	2023-11-07
https://access.redhat.com/security/cve/CVE-2018-5390	2018-10-30
https://bugzilla.redhat.com/show_bug.cgi?id=1601704	2018-10-30
https://access.redhat.com/articles/3553061	2018-10-30

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Telepresence Video Communication Server Firmware Search vendor "Cisco" for product "Telepresence Video Communication Server Firmware"	x8.10 Search vendor "Cisco" for product "Telepresence Video Communication Server Firmware" and version "x8.10"	-	Affected	in	Cisco Search vendor "Cisco"	Telepresence Video Communication Server Search vendor "Cisco" for product "Telepresence Video Communication Server"	-	-	Safe
Cisco Search vendor "Cisco"	Telepresence Video Communication Server Firmware Search vendor "Cisco" for product "Telepresence Video Communication Server Firmware"	x8.10.1 Search vendor "Cisco" for product "Telepresence Video Communication Server Firmware" and version "x8.10.1"	-	Affected	in	Cisco Search vendor "Cisco"	Telepresence Video Communication Server Search vendor "Cisco" for product "Telepresence Video Communication Server"	-	-	Safe
Cisco Search vendor "Cisco"	Telepresence Video Communication Server Firmware Search vendor "Cisco" for product "Telepresence Video Communication Server Firmware"	x8.10.2 Search vendor "Cisco" for product "Telepresence Video Communication Server Firmware" and version "x8.10.2"	-	Affected	in	Cisco Search vendor "Cisco"	Telepresence Video Communication Server Search vendor "Cisco" for product "Telepresence Video Communication Server"	-	-	Safe
Cisco Search vendor "Cisco"	Telepresence Video Communication Server Firmware Search vendor "Cisco" for product "Telepresence Video Communication Server Firmware"	x8.10.3 Search vendor "Cisco" for product "Telepresence Video Communication Server Firmware" and version "x8.10.3"	-	Affected	in	Cisco Search vendor "Cisco"	Telepresence Video Communication Server Search vendor "Cisco" for product "Telepresence Video Communication Server"	-	-	Safe
Cisco Search vendor "Cisco"	Telepresence Video Communication Server Firmware Search vendor "Cisco" for product "Telepresence Video Communication Server Firmware"	x8.10.4 Search vendor "Cisco" for product "Telepresence Video Communication Server Firmware" and version "x8.10.4"	-	Affected	in	Cisco Search vendor "Cisco"	Telepresence Video Communication Server Search vendor "Cisco" for product "Telepresence Video Communication Server"	-	-	Safe
Cisco Search vendor "Cisco"	Telepresence Video Communication Server Firmware Search vendor "Cisco" for product "Telepresence Video Communication Server Firmware"	x8.11 Search vendor "Cisco" for product "Telepresence Video Communication Server Firmware" and version "x8.11"	-	Affected	in	Cisco Search vendor "Cisco"	Telepresence Video Communication Server Search vendor "Cisco" for product "Telepresence Video Communication Server"	-	-	Safe
Cisco Search vendor "Cisco"	Telepresence Conductor Firmware Search vendor "Cisco" for product "Telepresence Conductor Firmware"	xc4.3 Search vendor "Cisco" for product "Telepresence Conductor Firmware" and version "xc4.3"	-	Affected	in	Cisco Search vendor "Cisco"	Telepresence Conductor Search vendor "Cisco" for product "Telepresence Conductor"	-	-	Safe
Cisco Search vendor "Cisco"	Telepresence Conductor Firmware Search vendor "Cisco" for product "Telepresence Conductor Firmware"	xc4.3.1 Search vendor "Cisco" for product "Telepresence Conductor Firmware" and version "xc4.3.1"	-	Affected	in	Cisco Search vendor "Cisco"	Telepresence Conductor Search vendor "Cisco" for product "Telepresence Conductor"	-	-	Safe
Cisco Search vendor "Cisco"	Telepresence Conductor Firmware Search vendor "Cisco" for product "Telepresence Conductor Firmware"	xc4.3.2 Search vendor "Cisco" for product "Telepresence Conductor Firmware" and version "xc4.3.2"	-	Affected	in	Cisco Search vendor "Cisco"	Telepresence Conductor Search vendor "Cisco" for product "Telepresence Conductor"	-	-	Safe
Cisco Search vendor "Cisco"	Telepresence Conductor Firmware Search vendor "Cisco" for product "Telepresence Conductor Firmware"	xc4.3.3 Search vendor "Cisco" for product "Telepresence Conductor Firmware" and version "xc4.3.3"	-	Affected	in	Cisco Search vendor "Cisco"	Telepresence Conductor Search vendor "Cisco" for product "Telepresence Conductor"	-	-	Safe
Cisco Search vendor "Cisco"	Telepresence Conductor Firmware Search vendor "Cisco" for product "Telepresence Conductor Firmware"	xc4.3.4 Search vendor "Cisco" for product "Telepresence Conductor Firmware" and version "xc4.3.4"	-	Affected	in	Cisco Search vendor "Cisco"	Telepresence Conductor Search vendor "Cisco" for product "Telepresence Conductor"	-	-	Safe
Redhat Search vendor "Redhat"		Virtualization Search vendor "Redhat" for product "Virtualization"				4.0 Search vendor "Redhat" for product "Virtualization" and version "4.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop"				7.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				7.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				6.4 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "6.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				6.5 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "6.5"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				6.6 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "6.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.2 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.4 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				6.4 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "6.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				6.7 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "6.7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				7.2 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "7.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				7.4 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "7.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				7.5 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "7.5"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				6.6 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "6.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				7.2 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				7.4 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation"				7.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "7.0"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 4.18 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 4.18"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.18 Search vendor "Linux" for product "Linux Kernel" and version "4.18"		rc1		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.18 Search vendor "Linux" for product "Linux Kernel" and version "4.18"		rc2		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.18 Search vendor "Linux" for product "Linux Kernel" and version "4.18"		rc3		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.18 Search vendor "Linux" for product "Linux Kernel" and version "4.18"		rc4		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.18 Search vendor "Linux" for product "Linux Kernel" and version "4.18"		rc5		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.18 Search vendor "Linux" for product "Linux Kernel" and version "4.18"		rc6		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"		esm		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04"		lts		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0"		-		Affected
Hp Search vendor "Hp"		Aruba Airwave Amp Search vendor "Hp" for product "Aruba Airwave Amp"				< 8.2.7.1 Search vendor "Hp" for product "Aruba Airwave Amp" and version " < 8.2.7.1"		-		Affected
Hp Search vendor "Hp"		Aruba Clearpass Policy Manager Search vendor "Hp" for product "Aruba Clearpass Policy Manager"				>= 6.6.0 <= 6.6.9 Search vendor "Hp" for product "Aruba Clearpass Policy Manager" and version " >= 6.6.0 <= 6.6.9"		-		Affected
Hp Search vendor "Hp"		Aruba Clearpass Policy Manager Search vendor "Hp" for product "Aruba Clearpass Policy Manager"				>= 6.7.0 <= 6.7.5 Search vendor "Hp" for product "Aruba Clearpass Policy Manager" and version " >= 6.7.0 <= 6.7.5"		-		Affected
F5 Search vendor "F5"		Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager"				>= 11.5.1 <= 11.6.3 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 11.5.1 <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager"				>= 12.1.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 12.1.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager"				>= 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager"				14.0.0 Search vendor "F5" for product "Big-ip Access Policy Manager" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager"				>= 11.5.1 <= 11.6.3 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 11.5.1 <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager"				>= 12.1.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 12.1.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager"				>= 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager"				14.0.0 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics"				>= 11.5.1 <= 11.6.3 Search vendor "F5" for product "Big-ip Analytics" and version " >= 11.5.1 <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics"				>= 12.1.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Analytics" and version " >= 12.1.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics"				>= 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Analytics" and version " >= 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics"				14.0.0 Search vendor "F5" for product "Big-ip Analytics" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				>= 11.5.1 <= 11.6.3 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 11.5.1 <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				>= 12.1.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 12.1.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				>= 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				14.0.0 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager"				>= 11.5.1 <= 11.6.3 Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 11.5.1 <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager"				>= 12.1.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 12.1.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager"				>= 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager"				14.0.0 Search vendor "F5" for product "Big-ip Application Security Manager" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Domain Name System Search vendor "F5" for product "Big-ip Domain Name System"				>= 11.5.1 <= 11.6.3 Search vendor "F5" for product "Big-ip Domain Name System" and version " >= 11.5.1 <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Domain Name System Search vendor "F5" for product "Big-ip Domain Name System"				>= 12.1.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Domain Name System" and version " >= 12.1.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Domain Name System Search vendor "F5" for product "Big-ip Domain Name System"				>= 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Domain Name System" and version " >= 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Domain Name System Search vendor "F5" for product "Big-ip Domain Name System"				14.0.0 Search vendor "F5" for product "Big-ip Domain Name System" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Edge Gateway Search vendor "F5" for product "Big-ip Edge Gateway"				>= 11.5.1. <= 11.6.3 Search vendor "F5" for product "Big-ip Edge Gateway" and version " >= 11.5.1. <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Edge Gateway Search vendor "F5" for product "Big-ip Edge Gateway"				>= 12.1.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Edge Gateway" and version " >= 12.1.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Edge Gateway Search vendor "F5" for product "Big-ip Edge Gateway"				>= 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Edge Gateway" and version " >= 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Edge Gateway Search vendor "F5" for product "Big-ip Edge Gateway"				14.0.0 Search vendor "F5" for product "Big-ip Edge Gateway" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Fraud Protection Service Search vendor "F5" for product "Big-ip Fraud Protection Service"				>= 11.5.1 <= 11.6.3 Search vendor "F5" for product "Big-ip Fraud Protection Service" and version " >= 11.5.1 <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Fraud Protection Service Search vendor "F5" for product "Big-ip Fraud Protection Service"				>= 12.1.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Fraud Protection Service" and version " >= 12.1.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Fraud Protection Service Search vendor "F5" for product "Big-ip Fraud Protection Service"				>= 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Fraud Protection Service" and version " >= 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Fraud Protection Service Search vendor "F5" for product "Big-ip Fraud Protection Service"				14.0.0 Search vendor "F5" for product "Big-ip Fraud Protection Service" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Global Traffic Manager Search vendor "F5" for product "Big-ip Global Traffic Manager"				>= 11.5.1 <= 11.6.3 Search vendor "F5" for product "Big-ip Global Traffic Manager" and version " >= 11.5.1 <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Global Traffic Manager Search vendor "F5" for product "Big-ip Global Traffic Manager"				>= 12.1.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Global Traffic Manager" and version " >= 12.1.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Global Traffic Manager Search vendor "F5" for product "Big-ip Global Traffic Manager"				>= 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Global Traffic Manager" and version " >= 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Global Traffic Manager Search vendor "F5" for product "Big-ip Global Traffic Manager"				14.0.0 Search vendor "F5" for product "Big-ip Global Traffic Manager" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				>= 11.5.1 <= 11.6.3 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 11.5.1 <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				>= 12.1.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 12.1.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				>= 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				14.0.0 Search vendor "F5" for product "Big-ip Link Controller" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager"				>= 11.5.1 <= 11.6.3 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " >= 11.5.1 <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager"				>= 12.0.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " >= 12.0.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager"				> 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " > 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager"				14.0.0 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager"				>= 11.5.1 <= 11.6.3 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 11.5.1 <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager"				>= 12.1.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 12.1.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager"				>= 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager"				14.0.0 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Webaccelerator Search vendor "F5" for product "Big-ip Webaccelerator"				>= 11.5.1 <= 11.6.3 Search vendor "F5" for product "Big-ip Webaccelerator" and version " >= 11.5.1 <= 11.6.3"		-		Affected
F5 Search vendor "F5"		Big-ip Webaccelerator Search vendor "F5" for product "Big-ip Webaccelerator"				>= 12.1.0 <= 12.1.3 Search vendor "F5" for product "Big-ip Webaccelerator" and version " >= 12.1.0 <= 12.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Webaccelerator Search vendor "F5" for product "Big-ip Webaccelerator"				>= 13.0.0 <= 13.1.1 Search vendor "F5" for product "Big-ip Webaccelerator" and version " >= 13.0.0 <= 13.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Webaccelerator Search vendor "F5" for product "Big-ip Webaccelerator"				14.0.0 Search vendor "F5" for product "Big-ip Webaccelerator" and version "14.0.0"		-		Affected
F5 Search vendor "F5"		Traffix Systems Signaling Delivery Controller Search vendor "F5" for product "Traffix Systems Signaling Delivery Controller"				>= 5.0.0 <= 5.1.0 Search vendor "F5" for product "Traffix Systems Signaling Delivery Controller" and version " >= 5.0.0 <= 5.1.0"		-		Affected
F5 Search vendor "F5"		Traffix Systems Signaling Delivery Controller Search vendor "F5" for product "Traffix Systems Signaling Delivery Controller"				4.4.0 Search vendor "F5" for product "Traffix Systems Signaling Delivery Controller" and version "4.4.0"		-		Affected
A10networks Search vendor "A10networks"		Advanced Core Operating System Search vendor "A10networks" for product "Advanced Core Operating System"				3.2.2 Search vendor "A10networks" for product "Advanced Core Operating System" and version "3.2.2"		-		Affected
A10networks Search vendor "A10networks"		Advanced Core Operating System Search vendor "A10networks" for product "Advanced Core Operating System"				3.2.2 Search vendor "A10networks" for product "Advanced Core Operating System" and version "3.2.2"		p5		Affected
A10networks Search vendor "A10networks"		Advanced Core Operating System Search vendor "A10networks" for product "Advanced Core Operating System"				4.1.0 Search vendor "A10networks" for product "Advanced Core Operating System" and version "4.1.0"		-		Affected
A10networks Search vendor "A10networks"		Advanced Core Operating System Search vendor "A10networks" for product "Advanced Core Operating System"				4.1.0 Search vendor "A10networks" for product "Advanced Core Operating System" and version "4.1.0"		p11		Affected
A10networks Search vendor "A10networks"		Advanced Core Operating System Search vendor "A10networks" for product "Advanced Core Operating System"				4.1.1 Search vendor "A10networks" for product "Advanced Core Operating System" and version "4.1.1"		p8		Affected
A10networks Search vendor "A10networks"		Advanced Core Operating System Search vendor "A10networks" for product "Advanced Core Operating System"				4.1.2 Search vendor "A10networks" for product "Advanced Core Operating System" and version "4.1.2"		-		Affected
A10networks Search vendor "A10networks"		Advanced Core Operating System Search vendor "A10networks" for product "Advanced Core Operating System"				4.1.2 Search vendor "A10networks" for product "Advanced Core Operating System" and version "4.1.2"		p4		Affected
A10networks Search vendor "A10networks"		Advanced Core Operating System Search vendor "A10networks" for product "Advanced Core Operating System"				4.1.4 Search vendor "A10networks" for product "Advanced Core Operating System" and version "4.1.4"		-		Affected
A10networks Search vendor "A10networks"		Advanced Core Operating System Search vendor "A10networks" for product "Advanced Core Operating System"				4.1.4 Search vendor "A10networks" for product "Advanced Core Operating System" and version "4.1.4"		p1		Affected
Cisco Search vendor "Cisco"		Collaboration Meeting Rooms Search vendor "Cisco" for product "Collaboration Meeting Rooms"				1.0 Search vendor "Cisco" for product "Collaboration Meeting Rooms" and version "1.0"		-		Affected
Cisco Search vendor "Cisco"		Digital Network Architecture Center Search vendor "Cisco" for product "Digital Network Architecture Center"				1.2 Search vendor "Cisco" for product "Digital Network Architecture Center" and version "1.2"		-		Affected
Cisco Search vendor "Cisco"		Expressway Search vendor "Cisco" for product "Expressway"				x8.10 Search vendor "Cisco" for product "Expressway" and version "x8.10"		-		Affected
Cisco Search vendor "Cisco"		Expressway Search vendor "Cisco" for product "Expressway"				x8.10.1 Search vendor "Cisco" for product "Expressway" and version "x8.10.1"		-		Affected
Cisco Search vendor "Cisco"		Expressway Search vendor "Cisco" for product "Expressway"				x8.10.2 Search vendor "Cisco" for product "Expressway" and version "x8.10.2"		-		Affected
Cisco Search vendor "Cisco"		Expressway Search vendor "Cisco" for product "Expressway"				x8.10.3 Search vendor "Cisco" for product "Expressway" and version "x8.10.3"		-		Affected
Cisco Search vendor "Cisco"		Expressway Search vendor "Cisco" for product "Expressway"				x8.10.4 Search vendor "Cisco" for product "Expressway" and version "x8.10.4"		-		Affected
Cisco Search vendor "Cisco"		Expressway Search vendor "Cisco" for product "Expressway"				x8.11 Search vendor "Cisco" for product "Expressway" and version "x8.11"		-		Affected
Cisco Search vendor "Cisco"		Expressway Series Search vendor "Cisco" for product "Expressway Series"				-		-		Affected
Cisco Search vendor "Cisco"		Meeting Management Search vendor "Cisco" for product "Meeting Management"				1.0 Search vendor "Cisco" for product "Meeting Management" and version "1.0"		-		Affected
Cisco Search vendor "Cisco"		Meeting Management Search vendor "Cisco" for product "Meeting Management"				1.0.1 Search vendor "Cisco" for product "Meeting Management" and version "1.0.1"		-		Affected
Cisco Search vendor "Cisco"		Network Assurance Engine Search vendor "Cisco" for product "Network Assurance Engine"				2.1\(1a\) Search vendor "Cisco" for product "Network Assurance Engine" and version "2.1\(1a\)"		-		Affected
Cisco Search vendor "Cisco"		Threat Grid-cloud Search vendor "Cisco" for product "Threat Grid-cloud"				-		-		Affected
Cisco Search vendor "Cisco"		Webex Hybrid Data Security Search vendor "Cisco" for product "Webex Hybrid Data Security"				-		-		Affected
Cisco Search vendor "Cisco"		Webex Video Mesh Search vendor "Cisco" for product "Webex Video Mesh"				-		-		Affected