PT-2018-16995 · F5 · Big-Ip
Published
2018-03-01
·
Updated
2018-03-23
·
CVE-2018-5501
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP systems versions 11.2.1
F5 BIG-IP systems versions 11.5.x
F5 BIG-IP systems versions 11.6.x
F5 BIG-IP systems versions 12.1.0 through 12.1.3.1
F5 BIG-IP systems version 13.0.0
Description
The issue is related to the TCP DNS profile, which allows excessive buffering due to a lack of flow control under certain circumstances.
Recommendations
For version 11.2.1, update the configuration to implement flow control for the TCP DNS profile.
For versions 11.5.x, update the configuration to implement flow control for the TCP DNS profile.
For versions 11.6.x, update the configuration to implement flow control for the TCP DNS profile.
For versions 12.1.0 through 12.1.3.1, update the configuration to implement flow control for the TCP DNS profile.
For version 13.0.0, update the configuration to implement flow control for the TCP DNS profile.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Big-Ip