CVE-2018-5503

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions 12.0.0 through 12.1.3.1 F5 BIG-IP versions 13.0.0 through 13.1.0.3

Description The issue occurs when the Traffic Management Microkernel (TMM) processes a specifically crafted page through a virtual server with an associated Policy Enforcement Manager (PEM) policy that has content insertion as an action, potentially causing TMM to restart.

Recommendations For F5 BIG-IP versions 12.0.0 through 12.1.3.1, consider disabling content insertion in PEM policies associated with virtual servers to minimize the risk of TMM restarts. For F5 BIG-IP versions 13.0.0 through 13.1.0.3, consider disabling content insertion in PEM policies associated with virtual servers to minimize the risk of TMM restarts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.