Lucene search

[email protected]CVE-2015-5058

HistoryAug 24, 2015 - 2:59 p.m.

CVE-2015-5058

2015-08-2414:59:05

CWE-399

[email protected]

web.nvd.nist.gov

cve-2015-5058

memory leak

big-ip

ltm

aam

afm

analytics

apm

asm

gtm

link controller

pem

big-iq

cloud

device

security

adc

denial of service

dos

icmp packets

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.5%

JSON

Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.5.x before 11.5.1 HF10, 11.5.3 before HF1, and 11.6.0 before HF5, BIG-IQ Cloud, Device, and Security 4.4.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted ICMP packets.

Affected configurations

NVD

Node

f5big-ip_access_policy_managerMatch11.5.1

f5big-ip_access_policy_managerMatch11.5.3

f5big-ip_access_policy_managerMatch11.6.0

f5big-ip_advanced_firewall_managerMatch11.5.1

f5big-ip_advanced_firewall_managerMatch11.5.3

f5big-ip_advanced_firewall_managerMatch11.6.0

f5big-ip_analyticsMatch11.5.1

f5big-ip_analyticsMatch11.5.3

f5big-ip_analyticsMatch11.6.0

f5big-ip_application_acceleration_managerMatch11.5.1

f5big-ip_application_acceleration_managerMatch11.5.3

f5big-ip_application_acceleration_managerMatch11.6.0

f5big-ip_application_security_managerMatch11.5.1

f5big-ip_application_security_managerMatch11.5.3

f5big-ip_application_security_managerMatch11.6.0

f5big-ip_global_traffic_managerMatch11.5.1

f5big-ip_global_traffic_managerMatch11.5.3

f5big-ip_global_traffic_managerMatch11.6.0

f5big-ip_link_controllerMatch11.5.1

f5big-ip_link_controllerMatch11.5.3

f5big-ip_link_controllerMatch11.6.0

f5big-ip_local_traffic_managerMatch11.5.1

f5big-ip_local_traffic_managerMatch11.5.3

f5big-ip_local_traffic_managerMatch11.6.0

f5big-iq_adcMatch4.5.0

f5big-iq_cloudMatch4.4.0

f5big-iq_cloudMatch4.5.0

f5big-iq_deviceMatch4.4.0

f5big-iq_deviceMatch4.5.0

f5big-iq_securityMatch4.4.0

f5big-iq_securityMatch4.5.0

CPENameOperatorVersion
f5:big-ip_access_policy_managerf5 big-ip access policy managereq11.5.1
f5:big-ip_access_policy_managerf5 big-ip access policy managereq11.5.3
f5:big-ip_access_policy_managerf5 big-ip access policy managereq11.6.0
f5:big-ip_advanced_firewall_managerf5 big-ip advanced firewall managereq11.5.1
f5:big-ip_advanced_firewall_managerf5 big-ip advanced firewall managereq11.5.3
f5:big-ip_advanced_firewall_managerf5 big-ip advanced firewall managereq11.6.0
f5:big-ip_analyticsf5 big-ip analyticseq11.5.1
f5:big-ip_analyticsf5 big-ip analyticseq11.5.3
f5:big-ip_analyticsf5 big-ip analyticseq11.6.0
f5:big-ip_application_acceleration_managerf5 big-ip application acceleration managereq11.5.1

CPE	Name	Operator	Version
f5:big-ip_access_policy_manager	f5 big-ip access policy manager	eq	11.5.1
f5:big-ip_access_policy_manager	f5 big-ip access policy manager	eq	11.5.3
f5:big-ip_access_policy_manager	f5 big-ip access policy manager	eq	11.6.0
f5:big-ip_advanced_firewall_manager	f5 big-ip advanced firewall manager	eq	11.5.1
f5:big-ip_advanced_firewall_manager	f5 big-ip advanced firewall manager	eq	11.5.3
f5:big-ip_advanced_firewall_manager	f5 big-ip advanced firewall manager	eq	11.6.0
f5:big-ip_analytics	f5 big-ip analytics	eq	11.5.1
f5:big-ip_analytics	f5 big-ip analytics	eq	11.5.3
f5:big-ip_analytics	f5 big-ip analytics	eq	11.6.0
f5:big-ip_application_acceleration_manager	f5 big-ip application acceleration manager	eq	11.5.1