CVE-2018-5517

HIGH

F5 BIG-IP 13.1.0-13.1.0.5 - Denial of Service via Malformed TCP Packets

Title source: llm
STIX 2.1

Description

On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1040805
Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K25573437

Scores

CVSS v3 7.5
EPSS 0.0075
EPSS Percentile 73.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (13)
f5/big-ip_access_policy_manager 13.1.0 - 13.1.0.5
f5/big-ip_advanced_firewall_manager 13.1.0 - 13.1.0.5
f5/big-ip_analytics 13.1.0 - 13.1.0.5
f5/big-ip_application_acceleration_manager 13.1.0 - 13.1.0.5
f5/big-ip_application_security_manager 13.1.0 - 13.1.0.5
f5/big-ip_domain_name_system 13.1.0 - 13.1.0.5
f5/big-ip_edge_gateway 13.1.0 - 13.1.0.5
f5/big-ip_global_traffic_manager 13.1.0 - 13.1.0.5
f5/big-ip_link_controller 13.1.0 - 13.1.0.5
f5/big-ip_local_traffic_manager 13.1.0 - 13.1.0.5
... and 3 more
Published May 02, 2018
Tracked Since Feb 18, 2026