K75432956 : BIG-IP ASM vulnerability CVE-2018-5539

2018-07-2400:00:00

my.f5.com

0.001 Low

EPSS

Percentile

35.2%

JSON

Security Advisory Description

Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file. (CVE-2018-5539)

Impact

BIG-IP

The affected BIG-IP ASM system fails to process traffic while the bd process restarts.

BIG-IQ, F5 iWorkflow, Enterprise Manager, ARX, and Traffix SDC

There is no impact; these F5 products are not affected by this vulnerability.

CPENameOperatorVersion
big-iq centralized managementeq4.6.0
big-iq centralized managementeq5.0.0
big-iq centralized managementeq5.1.0
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-iq centralized managementeq6.0.0
big-ip afmeq11.5.1
big-ip afmeq11.5.2
big-ip afmeq11.5.3

Name	Operator	Version
big-iq centralized management	eq	4.6.0
big-iq centralized management	eq	5.0.0
big-iq centralized management	eq	5.1.0
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-iq centralized management	eq	6.0.0
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3

Rows per page:

1-10 of 2011

0.001 Low

EPSS

Percentile

35.2%

JSON

Related for F5:K75432956