CVE-2018-5518

MEDIUM

F5 BIG-IP <13.1.0.5, 12.1.3.3 - DoS

Title source: llm

Description

On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users with access to a VCMP guest can cause a disruption of service on adjacent VCMP guests running on the same host. Exploiting this vulnerability causes the vCMPd process on the adjacent VCMP guest to restart and produce a core file. This issue is only exploitable on a VCMP guest which is operating in "host-only" or "bridged" mode. VCMP guests which are "isolated" are not impacted by this issue and do not provide a mechanism to exploit the vulnerability. Guests which are deployed in "Appliance Mode" may be impacted; however, the exploit is not possible from an Appliance Mode guest. To exploit this vulnerability, root access on a guest system deployed in "host-only" or "bridged" mode is required.

References (2)

Core References
Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K03165684
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1040797

Scores

CVSS v3 5.4
EPSS 0.0011
EPSS Percentile 29.2%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

Details

Status published
Products (13)
f5/big-ip_access_policy_manager 12.0.0 - 12.1.3
f5/big-ip_advanced_firewall_manager 12.0.0 - 12.1.3
f5/big-ip_analytics 12.0.0 - 12.1.3
f5/big-ip_application_acceleration_manager 12.0.0 - 12.1.3
f5/big-ip_application_security_manager 12.0.0 - 12.1.3
f5/big-ip_domain_name_system 12.0.0 - 12.1.3
f5/big-ip_edge_gateway 12.0.0 - 12.1.3
f5/big-ip_global_traffic_manager 12.0.0 - 12.1.3
f5/big-ip_link_controller 12.0.0 - 12.1.3
f5/big-ip_local_traffic_manager 12.0.0 - 12.1.3
... and 3 more
Published May 02, 2018
Tracked Since Feb 18, 2026