Vulnerability Name: CVE-2015-5058 (CCN-105875) Assigned: 2015-08-18 Published: 2015-08-18 Updated: 2015-08-26 Summary: Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.5.x before 11.5.1 HF10, 11.5.3 before HF1, and 11.6.0 before HF5, BIG-IQ Cloud, Device, and Security 4.4.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted ICMP packets. CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Low
CVSS v2 Severity: 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Complete
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Partial
Vulnerability Type: CWE-399 Vulnerability Consequences: Denial of Service References: Source: MITRECVE-2015-5058 1033334 bigip-cve20155058-dos(105875) ICMP packet processing vulnerability CVE-2015-5058 https://support.f5.com/kb/en-us/solutions/public/17000/000/sol17047.html Vulnerable Configuration: Configuration 1 :cpe:/a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:* OR cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:* BACK
f5 big-ip access policy manager 11.5.1
f5 big-ip access policy manager 11.5.3
f5 big-ip access policy manager 11.6.0
f5 big-ip advanced firewall manager 11.5.1
f5 big-ip advanced firewall manager 11.5.3
f5 big-ip advanced firewall manager 11.6.0
f5 big-ip analytics 11.5.1
f5 big-ip analytics 11.5.3
f5 big-ip analytics 11.6.0
f5 big-ip application acceleration manager 11.5.1
f5 big-ip application acceleration manager 11.5.3
f5 big-ip application acceleration manager 11.6.0
f5 big-ip application security manager 11.5.1
f5 big-ip application security manager 11.5.3
f5 big-ip application security manager 11.6.0
f5 big-ip global traffic manager 11.5.1
f5 big-ip global traffic manager 11.5.3
f5 big-ip global traffic manager 11.6.0
f5 big-ip link controller 11.5.1
f5 big-ip link controller 11.5.3
f5 big-ip link controller 11.6.0
f5 big-ip local traffic manager 11.5.1
f5 big-ip local traffic manager 11.5.3
f5 big-ip local traffic manager 11.6.0
f5 big-iq adc 4.5.0
f5 big-iq cloud 4.4.0
f5 big-iq cloud 4.5.0
f5 big-iq device 4.4.0
f5 big-iq device 4.5.0
f5 big-iq security 4.4.0
f5 big-iq security 4.5.0
f5 big-ip local traffic manager 11.5.1
f5 big-ip application acceleration manager 11.5.1
f5 big-ip advanced firewall manager 11.5.1
f5 big-ip local traffic manager 11.5.0
f5 big-ip local traffic manager 11.5.3
f5 big-ip local traffic manager 11.6.0
f5 big-ip application acceleration manager 11.5.3
f5 big-ip application acceleration manager 11.6.0
f5 big-ip advanced firewall manager 11.5.3
f5 big-ip advanced firewall manager 11.6.0
Denotes that component is vulnerable