Vulnerability Name:

CVE-2018-5509 (CCN-140660)

Assigned: 2018-03-22
Published: 2018-03-22
Updated: 2018-04-20
Summary: On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically configured virtual server receives traffic of an undisclosed nature, TMM will crash and take the configured failover action, potentially causing a denial of service. The configuration which exposes this issue is not common and in general does not work when enabled in previous versions of BIG-IP. Starting in 12.1.0, BIG-IP will crash if the configuration which exposes this issue is enabled and the virtual server receives non-TCP traffic. With the fix of this issue, additional configuration validation logic has been added to prevent this configuration from being applied to a virtual server. There is only data plane exposure to this issue with a non-standard configuration. There is no control plane exposure.
CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
CVSS v2 Severity: 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
Vulnerability Type: CWE-20
Vulnerability Consequences: Denial of Service
References:
Source: MITRE
Type: CNA
CVE-2018-5509

Source: CCN
Type: SECTRACK ID: 1040562
F5 BIG-IP Unspecified Flaw in Traffic Management Operating System (TMOS) Lets Remote Users Deny Service

Source: BID
Type: Third Party Advisory, VDB Entry
103504

Source: CCN
Type: BID-103504
Multiple F5 BIG-IP Products CVE-2018-5509 Remote Denial of Service Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1040562

Source: XF
Type: UNKNOWN
f5-cve20185509-dos(140660)

Source: CCN
Type: F5 Security Advisory K49440608
TMOS vulnerability CVE-2018-5509

Source: CONFIRM
Type: Vendor Advisory
https://support.f5.com/csp/article/K49440608

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.3.2)
  • OR cpe:/a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.0.4)
  • OR cpe:/a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.3.2)
  • OR cpe:/a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.0.4)
  • OR cpe:/a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.3.2)
  • OR cpe:/a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.0.4)
  • OR cpe:/a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.3.1.2)
  • OR cpe:/a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.0.4)
  • OR cpe:/a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.3.2)
  • OR cpe:/a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.0.4)
  • OR cpe:/a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.3.2)
  • OR cpe:/a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.0.4)
  • OR cpe:/a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.3.2)
  • OR cpe:/a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.0.4)
  • OR cpe:/a:f5:big-ip_websafe:1.0.0:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:f5:big-ip:12.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:f5:big-ip:13.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:f5:big-ip:12.1.3.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    f5 big-ip access policy manager *
    f5 big-ip access policy manager *
    f5 big-ip advanced firewall manager *
    f5 big-ip advanced firewall manager *
    f5 big-ip application acceleration manager *
    f5 big-ip application acceleration manager *
    f5 big-ip application security manager *
    f5 big-ip application security manager *
    f5 big-ip link controller *
    f5 big-ip link controller *
    f5 big-ip local traffic manager *
    f5 big-ip local traffic manager *
    f5 big-ip policy enforcement manager *
    f5 big-ip policy enforcement manager *
    f5 big-ip websafe 1.0.0
    f5 big-ip 12.1.0
    f5 big-ip 13.0.0
    f5 big-ip 12.1.3.1