CVE-2018-5509

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically configured virtual server receives traffic of an undisclosed nature, TMM will crash and take the configured failover action, potentially causing a denial of service. The configuration which exposes this issue is not common and in general does not work when enabled in previous versions of BIG-IP. Starting in 12.1.0, BIG-IP will crash if the configuration which exposes this issue is enabled and the virtual server receives non TCP traffic. With the fix of this issue, additional configuration validation logic has been added to prevent this configuration from being applied to a virtual server. There is only data plane exposure to this issue with a non-standard configuration. There is no control plane exposure.

En las versiones 13.0.0 o desde la 12.1.0 hasta la 12.1.3.1 de F5 BIG-IP, cuando un servidor virtual específicamente configurado recibe tráfico de naturaleza no revelada, TMM se cerrará inesperadamente y tomará la acción de conmutación por error configurada. Esto podría provocar una denegación de servicio (DoS). La configuración que expone este problema no es común y, en general, no funciona cuando se habilita en versiones anteriores de BIG-IP. Desde la versión 12.1.0, BIG-IP se cerrará inesperadamente si la configuración que expone este problema está habilitada y el servidor virtual recibe tráfico de un tipo distinto a TCP. Con la solución a este problema, se ha añadido lógica de validación de configuración adicional para evitar que se aplique esta configuración en un servidor virtual. Solo hay exposición del plano de datos a este problema con una configuración no estándar. No hay ninguna exposición del plano de control.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-01-12 CVE Reserved
2018-03-22 CVE Published
2023-09-22 EPSS Updated
2024-09-16 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (3)

URL	Tag	Source
http://www.securityfocus.com/bid/103504	Third Party Advisory
http://www.securitytracker.com/id/1040562	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://support.f5.com/csp/article/K49440608	2018-04-20

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
F5 Search vendor "F5"		Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager"				>= 12.1.0 < 12.1.3.2 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 12.1.0 < 12.1.3.2"		-		Affected
F5 Search vendor "F5"		Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager"				>= 13.0.0 < 13.1.0.4 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 13.0.0 < 13.1.0.4"		-		Affected
F5 Search vendor "F5"		Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager"				>= 12.1.0 < 12.1.3.2 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 12.1.0 < 12.1.3.2"		-		Affected
F5 Search vendor "F5"		Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager"				>= 13.0.0 < 13.1.0.4 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 13.0.0 < 13.1.0.4"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				>= 12.1.0 < 12.1.3.2 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 12.1.0 < 12.1.3.2"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				>= 13.0.0 < 13.1.0.4 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 13.0.0 < 13.1.0.4"		-		Affected
F5 Search vendor "F5"		Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager"				>= 12.1.0 < 12.3.1.2 Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 12.1.0 < 12.3.1.2"		-		Affected
F5 Search vendor "F5"		Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager"				>= 13.0.0 < 13.1.0.4 Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 13.0.0 < 13.1.0.4"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				>= 12.1.0 < 12.1.3.2 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 12.1.0 < 12.1.3.2"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				>= 13.0.0 < 13.1.0.4 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 13.0.0 < 13.1.0.4"		-		Affected
F5 Search vendor "F5"		Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager"				>= 12.1.0 < 12.1.3.2 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " >= 12.1.0 < 12.1.3.2"		-		Affected
F5 Search vendor "F5"		Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager"				>= 13.0.0 < 13.1.0.4 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " >= 13.0.0 < 13.1.0.4"		-		Affected
F5 Search vendor "F5"		Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager"				>= 12.1.0 < 12.1.3.2 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 12.1.0 < 12.1.3.2"		-		Affected
F5 Search vendor "F5"		Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager"				>= 13.0.0 < 13.1.0.4 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 13.0.0 < 13.1.0.4"		-		Affected
F5 Search vendor "F5"		Big-ip Websafe Search vendor "F5" for product "Big-ip Websafe"				1.0.0 Search vendor "F5" for product "Big-ip Websafe" and version "1.0.0"		-		Affected