4.3
CVSSv2

CVE-2018-5501

Published: 01/03/2018 Updated: 23/03/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.

Affected Products

Vendor Product Versions
F5Big-ip Access Policy Manager11.2.1, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.1, 11.6.2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 13.0.0
F5Big-ip Advanced Firewall Manager11.2.1, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.1, 11.6.2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 13.0.0
F5Big-ip Analytics11.2.1, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.1, 11.6.2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 13.0.0
F5Big-ip Application Acceleration Manager11.2.1, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.1, 11.6.2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 13.0.0
F5Big-ip Application Security Manager11.2.1, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.1, 11.6.2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 13.0.0
F5Big-ip Dns11.2.1, 13.0.0
F5Big-ip Edge Gateway11.2.1, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.1, 11.6.2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 13.0.0
F5Big-ip Global Traffic Manager11.2.1, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.1, 11.6.2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 13.0.0
F5Big-ip Link Controller11.2.1, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.1, 11.6.2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 13.0.0
F5Big-ip Local Traffic Manager11.2.1, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.1, 11.6.2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 13.0.0
F5Big-ip Policy Enforcement Manager11.2.1, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.1, 11.6.2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 13.0.0
F5Big-ip Webaccelerator11.2.1, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.1, 11.6.2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 13.0.0
F5Big-ip Websafe11.2.1, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.1, 12.1.0, 12.1.1, 12.1.2, 13.0.0