CVE-2015-4638

F5 BIG-IP 11.3.0-11.5.2, 11.6.0-11.6.0 HF4 DoS via Fragmented Packet

Title source: llm

Description

The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 through 11.3.0, and BIG-IP PSM 11.2.1 through 11.4.1 allows remote attackers to cause a denial of service (Traffic Management Microkernel restart) via a fragmented packet.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_confirm

https://support.f5.com/kb/en-us/solutions/public/17000/100/sol17155.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1033578

Scores

EPSS 0.0073

EPSS Percentile 72.8%

Details

CWE

CWE-20

Status published

Products (50)

f5/big-ip_advanced_firewall_manager 11.3.0

f5/big-ip_advanced_firewall_manager 11.4.0

f5/big-ip_advanced_firewall_manager 11.4.1

f5/big-ip_advanced_firewall_manager 11.5.0

f5/big-ip_advanced_firewall_manager 11.5.1

f5/big-ip_advanced_firewall_manager 11.5.2

f5/big-ip_advanced_firewall_manager 11.6.0

f5/big-ip_analytics 11.3.0

f5/big-ip_analytics 11.4.0

f5/big-ip_analytics 11.4.1

... and 40 more

Published Sep 18, 2015

Tracked Since Feb 18, 2026