Vulnerability Name:

CVE-2018-5517 (CCN-142680)

Assigned:2018-05-01
Published:2018-05-01
Updated:2018-06-13
Summary:On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-20
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2018-5517

Source: CCN
Type: SECTRACK ID: 1040805
F5 BIG-IP TCP Processing Flaw in the TMM Kernel Lets Remote Users Deny Data Plane Service

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1040805

Source: XF
Type: UNKNOWN
f5-cve20185517-dos(142680)

Source: CCN
Type: F5 Security Advisory K25573437
TMM vulnerability CVE-2018-5517

Source: CONFIRM
Type: Vendor Advisory
https://support.f5.com/csp/article/K25573437

Vulnerable Configuration:Configuration 1:
  • cpe:/a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration 2:
  • cpe:/a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration 3:
  • cpe:/a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration 4:
  • cpe:/a:f5:big-ip_analytics:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration 5:
  • cpe:/a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration 6:
  • cpe:/a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration 7:
  • cpe:/a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration 8:
  • cpe:/a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration 9:
  • cpe:/a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration 10:
  • cpe:/a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration 11:
  • cpe:/a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration 12:
  • cpe:/a:f5:big-ip_websafe:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration 13:
  • cpe:/a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (Version >= 13.1.0 and <= 13.1.0.5)

    • Configuration CCN 1:
  • cpe:/a:f5:big-ip:13.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:f5:big-ip:13.1.0.5:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    f5 big-ip local traffic manager *
    f5 big-ip application acceleration manager *
    f5 big-ip advanced firewall manager *
    f5 big-ip analytics *
    f5 big-ip access policy manager *
    f5 big-ip application security manager *
    f5 big-ip edge gateway *
    f5 big-ip global traffic manager *
    f5 big-ip link controller *
    f5 big-ip policy enforcement manager *
    f5 big-ip webaccelerator *
    f5 big-ip websafe *
    f5 big-ip domain name system *
    f5 big-ip 13.1.0
    f5 big-ip 13.1.0.5