CVE-2018-5391

The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

El kernel de Linux en versiones a partir de la 3.9 es vulnerable a un ataque de denegación de servicio (DoS) con tasas bajas de paquetes especialmente modificados que apuntan hacia el reensamblado de fragmentos de IP. Un atacante podría provocar una condición de denegación de servicio (DoS) mediante el envío de fragmentos de IP especialmente manipulados. Se han descubierto varias vulnerabilidades en la fragmentación de IP, que se han ido solucionando a lo largo de los años. La vulnerabilidad actual (CVE-2018-5391) se volvió explotable en el kernel de Linux con el aumento del tamaño de la cola de reensamblado de fragmentos de IP.

A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.

*Credits: Thanks to Juha-Matti Tilli (Aalto University, Department of Communications and Networking / Nokia Bell Labs) for reporting this vulnerability.

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-01-12 CVE Reserved
2018-08-14 CVE Published
2024-06-21 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation
CWE-400: Uncontrolled Resource Consumption

CAPEC

References (38)

URL	Tag	Source
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt	Third Party Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en	Broken Link
http://www.openwall.com/lists/oss-security/2019/06/28/2	Mailing List
http://www.openwall.com/lists/oss-security/2019/07/06/3	Mailing List
http://www.openwall.com/lists/oss-security/2019/07/06/4	Mailing List
http://www.securityfocus.com/bid/105108	Third Party Advisory
http://www.securitytracker.com/id/1041476	Third Party Advisory
http://www.securitytracker.com/id/1041637	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html	Mailing List
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html	Mailing List
https://security.netapp.com/advisory/ntap-20181003-0002	Third Party Advisory
https://support.f5.com/csp/article/K74374841?utm_source=f5support&amp%3Butm_medium=RSS	X_refsource_confirm
https://www.kb.cert.org/vuls/id/641765	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f	2023-11-07

URL	Date	SRC
https://access.redhat.com/errata/RHSA-2018:2785	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2791	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2846	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2924	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2925	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2933	2023-11-07
https://access.redhat.com/errata/RHSA-2018:2948	2023-11-07
https://access.redhat.com/errata/RHSA-2018:3083	2023-11-07
https://access.redhat.com/errata/RHSA-2018:3096	2023-11-07
https://access.redhat.com/errata/RHSA-2018:3459	2023-11-07
https://access.redhat.com/errata/RHSA-2018:3540	2023-11-07
https://access.redhat.com/errata/RHSA-2018:3586	2023-11-07
https://access.redhat.com/errata/RHSA-2018:3590	2023-11-07
https://usn.ubuntu.com/3740-1	2023-11-07
https://usn.ubuntu.com/3740-2	2023-11-07
https://usn.ubuntu.com/3741-1	2023-11-07
https://usn.ubuntu.com/3741-2	2023-11-07
https://usn.ubuntu.com/3742-1	2023-11-07
https://usn.ubuntu.com/3742-2	2023-11-07
https://www.debian.org/security/2018/dsa-4272	2023-11-07
https://access.redhat.com/security/cve/CVE-2018-5391	2018-11-13
https://bugzilla.redhat.com/show_bug.cgi?id=1609664	2018-11-13
https://access.redhat.com/articles/3553061	2018-11-13

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Siemens Search vendor "Siemens"	Ruggedcom Rm1224 Firmware Search vendor "Siemens" for product "Ruggedcom Rm1224 Firmware"	< 6.1 Search vendor "Siemens" for product "Ruggedcom Rm1224 Firmware" and version " < 6.1"	-	Affected	in	Siemens Search vendor "Siemens"	Ruggedcom Rm1224 Search vendor "Siemens" for product "Ruggedcom Rm1224"	-	-	Safe
Siemens Search vendor "Siemens"	Ruggedcom Rox Ii Firmware Search vendor "Siemens" for product "Ruggedcom Rox Ii Firmware"	< 2.13.3 Search vendor "Siemens" for product "Ruggedcom Rox Ii Firmware" and version " < 2.13.3"	-	Affected	in	Siemens Search vendor "Siemens"	Ruggedcom Rox Ii Search vendor "Siemens" for product "Ruggedcom Rox Ii"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance M-800 Firmware Search vendor "Siemens" for product "Scalance M-800 Firmware"	< 6.1 Search vendor "Siemens" for product "Scalance M-800 Firmware" and version " < 6.1"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance M-800 Search vendor "Siemens" for product "Scalance M-800"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance S615 Firmware Search vendor "Siemens" for product "Scalance S615 Firmware"	< 6.1 Search vendor "Siemens" for product "Scalance S615 Firmware" and version " < 6.1"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance S615 Search vendor "Siemens" for product "Scalance S615"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance Sc-600 Firmware Search vendor "Siemens" for product "Scalance Sc-600 Firmware"	< 2.0 Search vendor "Siemens" for product "Scalance Sc-600 Firmware" and version " < 2.0"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance Sc-600 Search vendor "Siemens" for product "Scalance Sc-600"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance W1700 Ieee 802.11ac Firmware Search vendor "Siemens" for product "Scalance W1700 Ieee 802.11ac Firmware"	< 2.0 Search vendor "Siemens" for product "Scalance W1700 Ieee 802.11ac Firmware" and version " < 2.0"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance W1700 Ieee 802.11ac Search vendor "Siemens" for product "Scalance W1700 Ieee 802.11ac"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance W700 Ieee 802.11a\/b\/g\/n Firmware Search vendor "Siemens" for product "Scalance W700 Ieee 802.11a\/b\/g\/n Firmware"	< 6.4 Search vendor "Siemens" for product "Scalance W700 Ieee 802.11a\/b\/g\/n Firmware" and version " < 6.4"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance W700 Ieee 802.11a\/b\/g\/n Search vendor "Siemens" for product "Scalance W700 Ieee 802.11a\/b\/g\/n"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Net Cp 1242-7 Firmware Search vendor "Siemens" for product "Simatic Net Cp 1242-7 Firmware"	< 3.2 Search vendor "Siemens" for product "Simatic Net Cp 1242-7 Firmware" and version " < 3.2"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Net Cp 1242-7 Search vendor "Siemens" for product "Simatic Net Cp 1242-7"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Net Cp 1243-1 Firmware Search vendor "Siemens" for product "Simatic Net Cp 1243-1 Firmware"	< 3.2 Search vendor "Siemens" for product "Simatic Net Cp 1243-1 Firmware" and version " < 3.2"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Net Cp 1243-1 Search vendor "Siemens" for product "Simatic Net Cp 1243-1"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Net Cp 1243-7 Lte Eu Firmware Search vendor "Siemens" for product "Simatic Net Cp 1243-7 Lte Eu Firmware"	< 3.2 Search vendor "Siemens" for product "Simatic Net Cp 1243-7 Lte Eu Firmware" and version " < 3.2"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Net Cp 1243-7 Lte Eu Search vendor "Siemens" for product "Simatic Net Cp 1243-7 Lte Eu"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Net Cp 1243-7 Lte Us Firmware Search vendor "Siemens" for product "Simatic Net Cp 1243-7 Lte Us Firmware"	< 3.2 Search vendor "Siemens" for product "Simatic Net Cp 1243-7 Lte Us Firmware" and version " < 3.2"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Net Cp 1243-7 Lte Us Search vendor "Siemens" for product "Simatic Net Cp 1243-7 Lte Us"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Net Cp 1243-8 Irc Firmware Search vendor "Siemens" for product "Simatic Net Cp 1243-8 Irc Firmware"	< 3.2 Search vendor "Siemens" for product "Simatic Net Cp 1243-8 Irc Firmware" and version " < 3.2"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Net Cp 1243-8 Irc Search vendor "Siemens" for product "Simatic Net Cp 1243-8 Irc"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Net Cp 1542sp-1 Firmware Search vendor "Siemens" for product "Simatic Net Cp 1542sp-1 Firmware"	< 2.1 Search vendor "Siemens" for product "Simatic Net Cp 1542sp-1 Firmware" and version " < 2.1"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Net Cp 1542sp-1 Search vendor "Siemens" for product "Simatic Net Cp 1542sp-1"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Net Cp 1542sp-1 Irc Firmware Search vendor "Siemens" for product "Simatic Net Cp 1542sp-1 Irc Firmware"	< 2.1 Search vendor "Siemens" for product "Simatic Net Cp 1542sp-1 Irc Firmware" and version " < 2.1"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Net Cp 1542sp-1 Irc Search vendor "Siemens" for product "Simatic Net Cp 1542sp-1 Irc"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Net Cp 1543-1 Firmware Search vendor "Siemens" for product "Simatic Net Cp 1543-1 Firmware"	< 2.2 Search vendor "Siemens" for product "Simatic Net Cp 1543-1 Firmware" and version " < 2.2"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Net Cp 1543-1 Search vendor "Siemens" for product "Simatic Net Cp 1543-1"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Net Cp 1543sp-1 Firmware Search vendor "Siemens" for product "Simatic Net Cp 1543sp-1 Firmware"	< 2.1 Search vendor "Siemens" for product "Simatic Net Cp 1543sp-1 Firmware" and version " < 2.1"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Net Cp 1543sp-1 Search vendor "Siemens" for product "Simatic Net Cp 1543sp-1"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Rf185c Firmware Search vendor "Siemens" for product "Simatic Rf185c Firmware"	< 1.3 Search vendor "Siemens" for product "Simatic Rf185c Firmware" and version " < 1.3"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Rf185c Search vendor "Siemens" for product "Simatic Rf185c"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Rf186c Firmware Search vendor "Siemens" for product "Simatic Rf186c Firmware"	< 1.3 Search vendor "Siemens" for product "Simatic Rf186c Firmware" and version " < 1.3"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Rf186c Search vendor "Siemens" for product "Simatic Rf186c"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Rf186ci Firmware Search vendor "Siemens" for product "Simatic Rf186ci Firmware"	< 1.3 Search vendor "Siemens" for product "Simatic Rf186ci Firmware" and version " < 1.3"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Rf186ci Search vendor "Siemens" for product "Simatic Rf186ci"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Rf188 Firmware Search vendor "Siemens" for product "Simatic Rf188 Firmware"	< 1.3 Search vendor "Siemens" for product "Simatic Rf188 Firmware" and version " < 1.3"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Rf188 Search vendor "Siemens" for product "Simatic Rf188"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Rf188ci Firmware Search vendor "Siemens" for product "Simatic Rf188ci Firmware"	< 1.3 Search vendor "Siemens" for product "Simatic Rf188ci Firmware" and version " < 1.3"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Rf188ci Search vendor "Siemens" for product "Simatic Rf188ci"	-	-	Safe
Siemens Search vendor "Siemens"	Sinema Remote Connect Server Firmware Search vendor "Siemens" for product "Sinema Remote Connect Server Firmware"	>= 1.1 < 2.0.1 Search vendor "Siemens" for product "Sinema Remote Connect Server Firmware" and version " >= 1.1 < 2.0.1"	-	Affected	in	Siemens Search vendor "Siemens"	Sinema Remote Connect Server Search vendor "Siemens" for product "Sinema Remote Connect Server"	-	-	Safe
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.9 <= 4.18 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.9 <= 4.18"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop"				6.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop"				7.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				6.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				7.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				6.4 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "6.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				6.5 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "6.5"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				6.6 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "6.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.2 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.4 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				6.7 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "6.7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				7.4 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "7.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus"				7.5 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "7.5"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				6.6 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "6.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				7.2 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				7.4 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation"				6.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation"				7.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "7.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"		esm		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04"		lts		Affected
Microsoft Search vendor "Microsoft"		Windows 10 Search vendor "Microsoft" for product "Windows 10"				-		-		Affected
Microsoft Search vendor "Microsoft"		Windows 10 Search vendor "Microsoft" for product "Windows 10"				1607 Search vendor "Microsoft" for product "Windows 10" and version "1607"		-		Affected
Microsoft Search vendor "Microsoft"		Windows 10 Search vendor "Microsoft" for product "Windows 10"				1703 Search vendor "Microsoft" for product "Windows 10" and version "1703"		-		Affected
Microsoft Search vendor "Microsoft"		Windows 10 Search vendor "Microsoft" for product "Windows 10"				1709 Search vendor "Microsoft" for product "Windows 10" and version "1709"		-		Affected
Microsoft Search vendor "Microsoft"		Windows 10 Search vendor "Microsoft" for product "Windows 10"				1803 Search vendor "Microsoft" for product "Windows 10" and version "1803"		-		Affected
Microsoft Search vendor "Microsoft"		Windows 7 Search vendor "Microsoft" for product "Windows 7"				-		sp1		Affected
Microsoft Search vendor "Microsoft"		Windows 8.1 Search vendor "Microsoft" for product "Windows 8.1"				-		-		Affected
Microsoft Search vendor "Microsoft"		Windows Rt 8.1 Search vendor "Microsoft" for product "Windows Rt 8.1"				-		-		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008"				-		sp2		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008"				r2 Search vendor "Microsoft" for product "Windows Server 2008" and version "r2"		sp1, x64		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008"				r2 Search vendor "Microsoft" for product "Windows Server 2008" and version "r2"		sp1, itanium		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2012 Search vendor "Microsoft" for product "Windows Server 2012"				-		-		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2012 Search vendor "Microsoft" for product "Windows Server 2012"				r2 Search vendor "Microsoft" for product "Windows Server 2012" and version "r2"		-		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2016 Search vendor "Microsoft" for product "Windows Server 2016"				-		-		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2016 Search vendor "Microsoft" for product "Windows Server 2016"				1709 Search vendor "Microsoft" for product "Windows Server 2016" and version "1709"		-		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2016 Search vendor "Microsoft" for product "Windows Server 2016"				1803 Search vendor "Microsoft" for product "Windows Server 2016" and version "1803"		-		Affected
F5 Search vendor "F5"		Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 14.1.0 < 14.1.2.4"		-		Affected
F5 Search vendor "F5"		Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 14.1.0 < 14.1.2.4"		-		Affected
F5 Search vendor "F5"		Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Analytics" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Analytics" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Analytics" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Analytics" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Analytics" and version " >= 14.1.0 < 14.1.2.4"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 14.1.0 < 14.1.2.4"		-		Affected
F5 Search vendor "F5"		Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 14.1.0 < 14.1.2.4"		-		Affected
F5 Search vendor "F5"		Big-ip Domain Name System Search vendor "F5" for product "Big-ip Domain Name System"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Domain Name System" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Domain Name System Search vendor "F5" for product "Big-ip Domain Name System"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Domain Name System" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Domain Name System Search vendor "F5" for product "Big-ip Domain Name System"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Domain Name System" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Domain Name System Search vendor "F5" for product "Big-ip Domain Name System"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Domain Name System" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Domain Name System Search vendor "F5" for product "Big-ip Domain Name System"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Domain Name System" and version " >= 14.1.0 < 14.1.2.4"		-		Affected
F5 Search vendor "F5"		Big-ip Edge Gateway Search vendor "F5" for product "Big-ip Edge Gateway"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Edge Gateway" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Edge Gateway Search vendor "F5" for product "Big-ip Edge Gateway"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Edge Gateway" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Edge Gateway Search vendor "F5" for product "Big-ip Edge Gateway"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Edge Gateway" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Edge Gateway Search vendor "F5" for product "Big-ip Edge Gateway"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Edge Gateway" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Edge Gateway Search vendor "F5" for product "Big-ip Edge Gateway"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Edge Gateway" and version " >= 14.1.0 < 14.1.2.4"		-		Affected
F5 Search vendor "F5"		Big-ip Fraud Protection Service Search vendor "F5" for product "Big-ip Fraud Protection Service"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Fraud Protection Service" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Fraud Protection Service Search vendor "F5" for product "Big-ip Fraud Protection Service"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Fraud Protection Service" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Fraud Protection Service Search vendor "F5" for product "Big-ip Fraud Protection Service"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Fraud Protection Service" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Fraud Protection Service Search vendor "F5" for product "Big-ip Fraud Protection Service"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Fraud Protection Service" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Fraud Protection Service Search vendor "F5" for product "Big-ip Fraud Protection Service"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Fraud Protection Service" and version " >= 14.1.0 < 14.1.2.4"		-		Affected
F5 Search vendor "F5"		Big-ip Global Traffic Manager Search vendor "F5" for product "Big-ip Global Traffic Manager"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Global Traffic Manager" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Global Traffic Manager Search vendor "F5" for product "Big-ip Global Traffic Manager"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Global Traffic Manager" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Global Traffic Manager Search vendor "F5" for product "Big-ip Global Traffic Manager"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Global Traffic Manager" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Global Traffic Manager Search vendor "F5" for product "Big-ip Global Traffic Manager"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Global Traffic Manager" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Global Traffic Manager Search vendor "F5" for product "Big-ip Global Traffic Manager"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Global Traffic Manager" and version " >= 14.1.0 < 14.1.2.4"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 14.1.0 < 14.1.2.4"		-		Affected
F5 Search vendor "F5"		Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " >= 14.1.0 < 14.1.2.4"		-		Affected
F5 Search vendor "F5"		Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 14.1.0 < 14.1.2.4"		-		Affected
F5 Search vendor "F5"		Big-ip Webaccelerator Search vendor "F5" for product "Big-ip Webaccelerator"				>= 11.5.1 < 11.6.5.1 Search vendor "F5" for product "Big-ip Webaccelerator" and version " >= 11.5.1 < 11.6.5.1"		-		Affected
F5 Search vendor "F5"		Big-ip Webaccelerator Search vendor "F5" for product "Big-ip Webaccelerator"				>= 12.1.0 < 12.1.5 Search vendor "F5" for product "Big-ip Webaccelerator" and version " >= 12.1.0 < 12.1.5"		-		Affected
F5 Search vendor "F5"		Big-ip Webaccelerator Search vendor "F5" for product "Big-ip Webaccelerator"				>= 13.0.0 < 13.1.3 Search vendor "F5" for product "Big-ip Webaccelerator" and version " >= 13.0.0 < 13.1.3"		-		Affected
F5 Search vendor "F5"		Big-ip Webaccelerator Search vendor "F5" for product "Big-ip Webaccelerator"				>= 14.0.0 < 14.0.1.1 Search vendor "F5" for product "Big-ip Webaccelerator" and version " >= 14.0.0 < 14.0.1.1"		-		Affected
F5 Search vendor "F5"		Big-ip Webaccelerator Search vendor "F5" for product "Big-ip Webaccelerator"				>= 14.1.0 < 14.1.2.4 Search vendor "F5" for product "Big-ip Webaccelerator" and version " >= 14.1.0 < 14.1.2.4"		-		Affected