PT-2018-17011 · F5 · F5 Big-Ip

Published

2018-05-02

Updated

2018-06-13

CVE-2018-5517

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions 13.1.0 through 13.1.0.5

Description The issue is caused by malformed TCP packets sent to a self IP address or a FastL4 virtual server, which may result in an interruption of service. This issue affects the data plane virtual servers and self IPs, but the control plane is not exposed to this problem.

Recommendations For F5 BIG-IP versions 13.1.0 through 13.1.0.5, consider restricting access to self IP addresses and FastL4 virtual servers to minimize the risk of exploitation until a fix is available.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2018-5517

Affected Products

F5 Big-Ip

PT-2018-17011 · F5 · F5 Big-Ip

CVE-2018-5517

Weakness Enumeration

Related Identifiers

Affected Products

References · 4