ID CVE-2018-5501
Summary In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.
References
Vulnerable Configurations
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:11.5.4:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:11.5.4:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:11.5.4:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:11.5.4:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:11.5.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:11.5.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_dns:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_dns:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:11.5.4:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:11.5.4:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:11.5.4:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:11.5.4:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:11.5.4:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:11.5.4:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:11.5.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:11.5.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_websafe:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_websafe:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_websafe:11.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_websafe:11.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_websafe:11.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_websafe:11.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_websafe:11.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_websafe:11.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_websafe:11.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_websafe:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_websafe:11.5.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_websafe:11.5.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_websafe:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_websafe:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_websafe:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_websafe:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_websafe:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_websafe:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_websafe:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_websafe:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:11.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:11.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:11.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:11.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:11.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:11.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:11.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:11.5.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:11.5.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:hotfix2:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:hotfix2:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:hotfix3:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:hotfix3:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:11.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:11.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:11.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:11.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:11.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:11.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:11.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:11.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:11.5.4:hotfix4:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:11.5.4:hotfix4:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_webaccelerator:13.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_webaccelerator:13.0.0:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 23-03-2018 - 13:40)
Impact:
Exploitability:
CWE CWE-400
CAPEC
  • XML Entity Expansion
    An attacker submits an XML document to a target application where the XML document uses nested entity expansion to produce an excessively large output XML. XML allows the definition of macro-like structures that can be used to simplify the creation of complex structures. However, this capability can be abused to create excessive demands on a processor's CPU and memory. A small number of nested expansions can result in an exponential growth in demands on memory.
  • Regular Expression Exponential Blowup
    An adversary may execute an attack on a program that uses a poor Regular Expression(Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is due to most implementations using a Nondeterministic Finite Automaton(NFA) state machine to be built by the Regex algorithm since NFA allows backtracking and thus more complex regular expressions. The algorithm builds a finite state machine and based on the input transitions through all the states until the end of the input is reached. NFA engines may evaluate each character in the input string multiple times during the backtracking. The algorithm tries each path through the NFA one by one until a match is found; the malicious input is crafted so every path is tried which results in a failure. Exploitation of the Regex results in programs hanging or taking a very long time to complete. These attacks may target various layers of the Internet due to regular expressions being used in validation.
  • XML Ping of the Death
    An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
bid 103211
confirm https://support.f5.com/csp/article/K44200194
Last major update 23-03-2018 - 13:40
Published 01-03-2018 - 16:29
Last modified 23-03-2018 - 13:40
Back to Top