Description
On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS Zones accept NOTIFY messages on the management interface from source IP addresses not listed in the 'Allow NOTIFY From' configuration parameter when the db variable "dnsexpress.notifyport" is set to any value other than the default of "0".
References (1)
Core 1
Core References
Mitigation, Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K45435121
Scores
CVSS v3
3.7
EPSS
0.0038
EPSS Percentile
59.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Details
Status
published
Products (4)
f5/big-ip_domain_name_system
12.1.3 - 12.1.3.5
f5/big-ip_global_traffic_manager
12.1.3 - 12.1.3.5
f5/big-ip_link_controller
12.1.3 - 12.1.3.5
f5/big-ip_local_traffic_manager
12.1.3 - 12.1.3.5
Published
Jul 25, 2018
Tracked Since
Feb 18, 2026