CVE-2018-5508

🗓️ 13 Apr 2018 13:00:00Reported by f5Type

F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.5.1-11.5.5, or 11.2.1 may crash when processing compressed data through a Virtual Server with a PEM profile using content insertion

Reporter	Title	Published	Views	Family All 7
CNVD	F5 BIG-IP PEM Denial of Service Vulnerability (CNVD-2018-07870)	13 Apr 201800:00	–	cnvd
Cvelist	CVE-2018-5508	13 Apr 201813:00	–	cvelist
EUVD	EUVD-2018-17277	7 Oct 202500:30	–	euvd
F5 Networks	K10329515: BIG-IP PEM vulnerability CVE-2018-5508	21 Feb 202319:52	–	f5
Tenable Nessus	F5 Networks BIG-IP : BIG-IP PEM vulnerability (K10329515)	2 Nov 201800:00	–	nessus
NVD	CVE-2018-5508	13 Apr 201813:29	–	nvd
Prion	Information disclosure	13 Apr 201813:29	–	prion

NVD

Node

f5 big-ip_policy_enforcement_managerRange11.5.1–11.5.5

f5 big-ip_policy_enforcement_managerRange11.6.0–11.6.2

f5 big-ip_policy_enforcement_managerRange12.0.0–12.1.3

f5 big-ip_policy_enforcement_managerMatch11.2.1

f5 big-ip_policy_enforcement_managerMatch13.0.0

[
  {
    "product": "BIG-IP (PEM)",
    "vendor": "F5 Networks, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "13.0.0"
      },
      {
        "status": "affected",
        "version": "12.0.0-12.1.3.1"
      },
      {
        "status": "affected",
        "version": "11.6.0-11.6.2"
      },
      {
        "status": "affected",
        "version": "11.5.1-11.5.5"
      },
      {
        "status": "affected",
        "version": "11.2.1"
      }
    ]
  }
]

Source	Link
support	www.support.f5.com/csp/article/K10329515

21 Nov 2024 04:08Current

5.7Medium risk

Vulners AI Score5.7

CVSS 24.3

CVSS 35.9

EPSS0.00647