PT-2018-12962 · F5 · Big-Ip

Publicado

2018-10-31

Atualizado

2018-12-14

CVE-2018-15318

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions BIG-IP versions 12.1.3.4 through 12.1.3.6 BIG-IP versions 13.1.0.4 through 13.1.1.1 BIG-IP versions 14.0.0 through 14.0.0.2

Description The issue occurs when an MPTCP connection receives an abort signal while the initial flow is not the primary flow, causing the initial flow to remain after the closing procedure is complete. This condition may lead to TMM restarting and producing a core file.

Recommendations For BIG-IP versions 12.1.3.4 through 12.1.3.6, update to a version outside of this range to resolve the issue. For BIG-IP versions 13.1.0.4 through 13.1.1.1, update to a version outside of this range to resolve the issue. For BIG-IP versions 14.0.0 through 14.0.0.2, update to a version outside of this range to resolve the issue.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2018-15318

Produtos afetados

Big-Ip

PT-2018-12962 · F5 · Big-Ip

CVE-2018-15318

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3