Lucene search
HistoryJun 01, 2018 - 2:29 p.m.
CVE-2018-5513
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
40.1%
On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a malformed TLS handshake causes TMM to crash leading to a disruption of service. This issue is only exposed on the data plane when Proxy SSL configuration is enabled. The control plane is not impacted by this issue.
Affected configurations
Node
f5big-ip_application_acceleration_managerRange11.2.1–11.5.5
ORf5big-ip_application_acceleration_managerRange11.6.1–11.6.3
ORf5big-ip_application_acceleration_managerRange12.1.0–12.1.3
ORf5big-ip_application_acceleration_managerRange13.1.0–13.1.0.4
ORf5big-ip_application_acceleration_managerMatch13.0.0
Node
f5big-ip_local_traffic_managerRange11.2.1–11.5.5
ORf5big-ip_local_traffic_managerRange11.6.1–11.6.3
ORf5big-ip_local_traffic_managerRange12.1.0–12.1.3
ORf5big-ip_local_traffic_managerRange13.1.0–13.1.0.4
ORf5big-ip_local_traffic_managerMatch13.0.0
Node
f5big-ip_advanced_firewall_managerRange11.2.1–11.5.5
ORf5big-ip_advanced_firewall_managerRange11.6.1–11.6.3
ORf5big-ip_advanced_firewall_managerRange12.1.0–12.1.3
ORf5big-ip_advanced_firewall_managerRange13.1.0–13.1.0.4
ORf5big-ip_advanced_firewall_managerMatch13.0.0
Node
f5big-ip_analyticsRange11.2.1–11.5.5
ORf5big-ip_analyticsRange11.6.1–11.6.3
ORf5big-ip_analyticsRange12.1.0–12.1.3
ORf5big-ip_analyticsRange13.1.0–13.1.0.4
ORf5big-ip_analyticsMatch13.0.0
Node
f5big-ip_access_policy_managerRange11.2.1–11.5.5
ORf5big-ip_access_policy_managerRange11.6.1–11.6.3
ORf5big-ip_access_policy_managerRange12.1.0–12.1.3
ORf5big-ip_access_policy_managerRange13.1.0–13.1.0.4
ORf5big-ip_access_policy_managerMatch13.0.0
Node
f5big-ip_application_security_managerRange11.2.1–11.5.5
ORf5big-ip_application_security_managerRange11.6.1–11.6.3
ORf5big-ip_application_security_managerRange12.1.0–12.1.3
ORf5big-ip_application_security_managerRange13.1.0–13.1.0.4
ORf5big-ip_application_security_managerMatch13.0.0
Node
f5big-ip_domain_name_systemRange11.2.1–11.5.5
ORf5big-ip_domain_name_systemRange11.6.1–11.6.3
ORf5big-ip_domain_name_systemRange12.1.0–12.1.3
ORf5big-ip_domain_name_systemRange13.1.0–13.1.0.4
ORf5big-ip_domain_name_systemMatch13.0.0
Node
f5big-ip_edge_gatewayRange11.2.1–11.5.5
ORf5big-ip_edge_gatewayRange11.6.1–11.6.3
ORf5big-ip_edge_gatewayRange12.1.0–12.1.3
ORf5big-ip_edge_gatewayRange13.1.0–13.1.0.4
ORf5big-ip_edge_gatewayMatch13.0.0
Node
f5big-ip_global_traffic_managerRange11.2.1–11.5.5
ORf5big-ip_global_traffic_managerRange11.6.1–11.6.3
ORf5big-ip_global_traffic_managerRange12.1.0–12.1.3
ORf5big-ip_global_traffic_managerRange13.1.0–13.1.0.4
ORf5big-ip_global_traffic_managerMatch13.0.0
Node
f5big-ip_link_controllerRange11.2.1–11.5.5
ORf5big-ip_link_controllerRange11.6.1–11.6.3
ORf5big-ip_link_controllerRange12.1.0–12.1.3
ORf5big-ip_link_controllerRange13.1.0–13.1.0.4
ORf5big-ip_link_controllerMatch13.0.0
Node
f5big-ip_policy_enforcement_managerRange11.2.1–11.5.5
ORf5big-ip_policy_enforcement_managerRange11.6.1–11.6.3
ORf5big-ip_policy_enforcement_managerRange12.1.0–12.1.3
ORf5big-ip_policy_enforcement_managerRange13.1.0–13.1.0.4
ORf5big-ip_policy_enforcement_managerMatch13.0.0
Node
f5big-ip_webacceleratorRange11.2.1–11.5.5
ORf5big-ip_webacceleratorRange11.6.1–11.6.3
ORf5big-ip_webacceleratorRange12.1.0–12.1.3
ORf5big-ip_webacceleratorRange13.1.0–13.1.0.4
ORf5big-ip_webacceleratorMatch13.0.0
Node
f5big-ip_websafeRange11.2.1–11.5.5
ORf5big-ip_websafeRange11.6.1–11.6.3
ORf5big-ip_websafeRange12.1.0–12.1.3
ORf5big-ip_websafeRange13.1.0–13.1.0.4
ORf5big-ip_websafeMatch13.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| f5 | big-ip_application_acceleration_manager | * | cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_application_acceleration_manager | 13.0.0 | cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | * | cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | 13.0.0 | cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_advanced_firewall_manager | * | cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_advanced_firewall_manager | 13.0.0 | cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_analytics | * | cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* |
| f5 | big-ip_analytics | 13.0.0 | cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_access_policy_manager | * | cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_access_policy_manager | 13.0.0 | cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2018-5513
2018-06-01 14:00:00
nessus
nessus
F5 Networks BIG-IP : TMM vulnerability (K46940010)
2018-11-02 00:00:00
f5
f5
K46940010 : TMM vulnerability CVE-2018-5513
2018-05-30 00:00:00
prion
prion
Information disclosure
2018-06-01 14:29:00
cve
cve
CVE-2018-5513
2018-06-01 14:29:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
40.1%
Related for NVD:CVE-2018-5513