Lucene search

K
f5F5F5:K23520761
HistoryMar 21, 2018 - 12:00 a.m.

K23520761 : BIG-IP ASM and BIG-IP AFM/BIG-IP Analytics vulnerability CVE-2018-5505

2018-03-2100:00:00
my.f5.com
15

0.003 Low

EPSS

Percentile

66.0%

Security Advisory Description

On F5 BIG-IP 13.1.0 - 13.1.0.3, when ASM and one or more of these modules (AFM/AVR) are provisioned, the Traffic Management Microkernel (TMM) may restart while processing DNS requests when the virtual server is configured with a DNS profile and the Protocol setting is set toTCP. (CVE-2018-5505)

Note: The BIG-IP Analytics (AVR) module is automatically enabled when BIG-IP AFM is provisioned.

Impact

An attacker may be able to execute a remote denial of service. Disabling any of the components mentioned in the description (for example, removing the DNS profile from the virtual server) avoids the issue. Virtual servers configured with UDP for the Protocol setting are not affected.

0.003 Low

EPSS

Percentile

66.0%

Related for F5:K23520761