SOAP parser vulnerability CVE-2013-1824

2014-12-01T21:06:00
ID F5:K15879
Type f5
Reporter f5
Modified 2017-04-06T16:50:00

Description

F5 Product Development has assigned ID 477313 (BIG-IP), ID 482170 (BIG-IQ), and ID 482174 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, BIG-IP iHealth may list Heuristic H492812 on the Diagnostics > Identified > Medium screen.

To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:

Product | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature
---|---|---|---
BIG-IP LTM | 11.0.0 - 11.4.1<br>10.0.0 - 10.2.4 | 11.5.0 - 11.6.0 | XML parsing
BIG-IP AAM | 11.4.0 - 11.4.1 | 11.5.0 - 11.6.0 | XML parsing
BIG-IP AFM | 11.3.0 - 11.4.1 | 11.5.0 - 11.6.0 | XML parsing
BIG-IP Analytics | 11.0.0 - 11.4.1 | 11.5.0 - 11.6.0 | XML parsing
BIG-IP APM | 11.0.0 - 11.4.1<br>10.1.0 - 10.2.4 | 11.5.0 - 11.6.0 | XML parsing
BIG-IP ASM | 11.0.0 - 11.4.1<br>10.0.0 - 10.2.4 | 11.5.0 - 11.6.0 | XML parsing
BIG-IP Edge Gateway | 11.0.0 - 11.3.0<br>10.1.0 - 10.2.4 | None | XML parsing
BIG-IP GTM | 11.0.0 - 11.4.1<br>10.0.0 - 10.2.4 | 11.5.0 - 11.6.0 | XML parsing
BIG-IP Link Controller | 11.0.0 - 11.4.1<br>10.0.0 - 10.2.4 | 11.5.0 - 11.6.0 | XML parsing
BIG-IP PEM | 11.3.0 - 11.4.1 | 11.5.0 - 11.6.0 | XML parsing
BIG-IP PSM | 11.0.0 - 11.4.1<br>10.0.0 - 10.2.4 | None | XML parsing
BIG-IP WebAccelerator | 11.0.0 - 11.3.0<br>10.0.0 - 10.2.4 | None | XML parsing
BIG-IP WOM | 11.0.0 - 11.3.0<br>10.0.0 - 10.2.4 | None | XML parsing
ARX | None | 6.0.0 - 6.4.0 | None
Enterprise Manager | 3.0.0 - 3.1.1<br>2.1.0 - 2.3.0 | None | XML parsing
FirePass | None | 7.0.0<br>6.0.0 - 6.1.0 | None
BIG-IQ Cloud | 4.0.0 - 4.3.0 | 4.4.0 | XML parsing
BIG-IQ Device | 4.2.0 - 4.3.0 | 4.4.0 | XML parsing
BIG-IQ Security | 4.0.0 - 4.3.0* | 4.4.0 | XML parsing

*Certain product versions contain the affected code; however, those product versions do not parse untrusted XML input, and are therefore not exploitable.

If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.