On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/104097 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1040804 | Third Party Advisory VDB Entry |
https://support.f5.com/csp/article/K45320419 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: f5
Published: 2018-04-30T00:00:00
Updated: 2018-05-08T09:57:01
Reserved: 2018-01-12T00:00:00
Link: CVE-2018-5514
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-05-02T13:29:00.473
Modified: 2018-06-13T17:10:00.630
Link: CVE-2018-5514
JSON object: View
Redhat Information
No data.
CWE