PT-2018-17001 · F5 · Viprion 4300+3
Published
2018-04-13
·
Updated
2019-10-03
·
CVE-2018-5507
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP versions 11.5.1 through 11.5.5
F5 BIG-IP versions 11.6.1 through 11.6.2
F5 BIG-IP versions 12.1.0 through 12.1.3.1
F5 BIG-IP version 13.0.0
Description
The issue affects vCMP guests running on VIPRION 2100, 4200, and 4300 series blades, where they cannot correctly decrypt ciphertext from established SSL sessions with small MTU.
Recommendations
For F5 BIG-IP versions 11.5.1 through 11.5.5, update to a version that includes the necessary fix to correctly handle SSL decryption for small MTU sessions.
For F5 BIG-IP versions 11.6.1 through 11.6.2, update to a version that includes the necessary fix to correctly handle SSL decryption for small MTU sessions.
For F5 BIG-IP versions 12.1.0 through 12.1.3.1, update to a version that includes the necessary fix to correctly handle SSL decryption for small MTU sessions.
For F5 BIG-IP version 13.0.0, update to a version that includes the necessary fix to correctly handle SSL decryption for small MTU sessions.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
F5 Big-Ip
Viprion 2100
Viprion 4200
Viprion 4300