CVE-2018-5542

2018-07-2514:00:00

www.cve.org

AI Score

8.2

Confidence

High

EPSS

0.002

Percentile

56.7%

JSON

F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server.

CNA Affected

[
  {
    "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
    "vendor": "F5 Networks, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "13.0.0-13.0.1"
      },
      {
        "status": "affected",
        "version": "12.1.0-12.1.3.6"
      },
      {
        "status": "affected",
        "version": "11.2.1-11.6.3.2"
      }
    ]
  }
]

References

support.f5.com/csp/article/K05112543