{"containers": {"cna": {"affected": [{"product": "BIG-IP (LTM, AAM, AFM, APM, ASM, Link Controller, PEM, WebSafe)", "vendor": "F5 Networks, Inc.", "versions": [{"status": "affected", "version": "13.0.0"}, {"status": "affected", "version": "12.1.0 - 12.1.3.1"}]}], "datePublic": "2018-03-21T00:00:00", "descriptions": [{"lang": "en", "value": "On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically configured virtual server receives traffic of an undisclosed nature, TMM will crash and take the configured failover action, potentially causing a denial of service. The configuration which exposes this issue is not common and in general does not work when enabled in previous versions of BIG-IP. Starting in 12.1.0, BIG-IP will crash if the configuration which exposes this issue is enabled and the virtual server receives non TCP traffic. With the fix of this issue, additional configuration validation logic has been added to prevent this configuration from being applied to a virtual server. There is only data plane exposure to this issue with a non-standard configuration. There is no control plane exposure."}], "problemTypes": [{"descriptions": [{"description": "DoS", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-03-27T09:57:01", "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5"}, "references": [{"name": "1040562", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040562"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K49440608"}, {"name": "103504", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/103504"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "f5sirt@f5.com", "DATE_PUBLIC": "2018-03-21T00:00:00", "ID": "CVE-2018-5509", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "BIG-IP (LTM, AAM, AFM, APM, ASM, Link Controller, PEM, WebSafe)", "version": {"version_data": [{"version_value": "13.0.0"}, {"version_value": "12.1.0 - 12.1.3.1"}]}}]}, "vendor_name": "F5 Networks, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically configured virtual server receives traffic of an undisclosed nature, TMM will crash and take the configured failover action, potentially causing a denial of service. The configuration which exposes this issue is not common and in general does not work when enabled in previous versions of BIG-IP. Starting in 12.1.0, BIG-IP will crash if the configuration which exposes this issue is enabled and the virtual server receives non TCP traffic. With the fix of this issue, additional configuration validation logic has been added to prevent this configuration from being applied to a virtual server. There is only data plane exposure to this issue with a non-standard configuration. There is no control plane exposure."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "DoS"}]}]}, "references": {"reference_data": [{"name": "1040562", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040562"}, {"name": "https://support.f5.com/csp/article/K49440608", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K49440608"}, {"name": "103504", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103504"}]}}}}, "cveMetadata": {"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "assignerShortName": "f5", "cveId": "CVE-2018-5509", "datePublished": "2018-03-21T00:00:00", "dateReserved": "2018-01-12T00:00:00", "dateUpdated": "2018-03-27T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "67C67409-85E1-4E36-B19E-2F2873AC98CB", "versionEndExcluding": "12.1.3.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "894DA18C-0B22-45B1-8677-8979F1143216", "versionEndExcluding": "13.1.0.4", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "4564801B-5F7C-4BD9-B5CA-BCE3B2105438", "versionEndExcluding": "12.1.3.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "445A66D4-37C1-42A8-A1CA-1D1E2C25E1E2", "versionEndExcluding": "13.1.0.4", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "56A4DE5A-D7D7-42AC-BF6F-30DD69C25562", "versionEndExcluding": "12.1.3.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C8DAACD-71E0-4A83-A7ED-14BE366ACD1D", "versionEndExcluding": "13.1.0.4", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2C0CEBF-95C3-4229-90D6-6EF4C6E359E9", "versionEndExcluding": "12.3.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA630386-C3DC-404E-9011-8DA3CD2F5865", "versionEndExcluding": "13.1.0.4", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C075721-75D0-4E80-9522-ECA6570B37E8", "versionEndExcluding": "12.1.3.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "B23C430B-7477-4060-B68A-19B2B441F5EE", "versionEndExcluding": "13.1.0.4", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AAF6D974-BBE3-48F3-BCFD-29C2E249809C", "versionEndExcluding": "12.1.3.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0330565-B391-4121-81EB-601BAEA7BD50", "versionEndExcluding": "13.1.0.4", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F10F57F-67E5-4004-A0E7-033C561C6AC0", "versionEndExcluding": "12.1.3.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED65A801-F4BE-4067-903E-8997A13FFEF9", "versionEndExcluding": "13.1.0.4", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_websafe:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9E6556BF-A50D-4872-BF81-9397A7ECEC9C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically configured virtual server receives traffic of an undisclosed nature, TMM will crash and take the configured failover action, potentially causing a denial of service. The configuration which exposes this issue is not common and in general does not work when enabled in previous versions of BIG-IP. Starting in 12.1.0, BIG-IP will crash if the configuration which exposes this issue is enabled and the virtual server receives non TCP traffic. With the fix of this issue, additional configuration validation logic has been added to prevent this configuration from being applied to a virtual server. There is only data plane exposure to this issue with a non-standard configuration. There is no control plane exposure."}, {"lang": "es", "value": "En las versiones 13.0.0 o desde la 12.1.0 hasta la 12.1.3.1 de F5 BIG-IP, cuando un servidor virtual espec\u00edficamente configurado recibe tr\u00e1fico de naturaleza no revelada, TMM se cerrar\u00e1 inesperadamente y tomar\u00e1 la acci\u00f3n de conmutaci\u00f3n por error configurada. Esto podr\u00eda provocar una denegaci\u00f3n de servicio (DoS). La configuraci\u00f3n que expone este problema no es com\u00fan y, en general, no funciona cuando se habilita en versiones anteriores de BIG-IP. Desde la versi\u00f3n 12.1.0, BIG-IP se cerrar\u00e1 inesperadamente si la configuraci\u00f3n que expone este problema est\u00e1 habilitada y el servidor virtual recibe tr\u00e1fico de un tipo distinto a TCP. Con la soluci\u00f3n a este problema, se ha a\u00f1adido l\u00f3gica de validaci\u00f3n de configuraci\u00f3n adicional para evitar que se aplique esta configuraci\u00f3n en un servidor virtual. Solo hay exposici\u00f3n del plano de datos a este problema con una configuraci\u00f3n no est\u00e1ndar. No hay ninguna exposici\u00f3n del plano de control."}], "id": "CVE-2018-5509", "lastModified": "2018-04-20T17:10:04.260", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-22T18:29:00.793", "references": [{"source": "f5sirt@f5.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103504"}, {"source": "f5sirt@f5.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040562"}, {"source": "f5sirt@f5.com", "tags": ["Vendor Advisory"], "url": "https://support.f5.com/csp/article/K49440608"}], "sourceIdentifier": "f5sirt@f5.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}