CVE-2015-5058

Published: Aug 24, 2015Modified: May 6, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.5.x before 11.5.1 HF10, 11.5.3 before HF1, and 11.6.0 before HF5, BIG-IQ Cloud, Device, and Security 4.4.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted ICMP packets.

Affected (31)

Products: F5: Big Ip Access Policy Manager, Big Ip Advanced Firewall Manager, Big Ip Analytics, Big Ip Application Acceleration Manager, Big Ip Application Security Manager, Big Ip Global Traffic Manager, Big Ip Link Controller, Big Ip Local Traffic Manager, Big Iq Adc, Big Iq Cloud, Big Iq Device, Big Iq Security

12 products

Big Ip Access Policy Manager

Big Ip Advanced Firewall Manager

Big Ip Analytics

Big Ip Application Acceleration Manager

Big Ip Application Security Manager

Big Ip Global Traffic Manager

Big Ip Link Controller

Big Ip Local Traffic Manager

Configuration A

31 vulnerable

Vulnerable Software	Affected Versions
F5 Big Ip Access Policy Manager	Version 11.5.1
F5 Big Ip Access Policy Manager	Version 11.5.3
F5 Big Ip Access Policy Manager	Version 11.6.0
F5 Big Ip Advanced Firewall Manager	Version 11.5.1
F5 Big Ip Advanced Firewall Manager	Version 11.5.3
F5 Big Ip Advanced Firewall Manager	Version 11.6.0
F5 Big Ip Analytics	Version 11.5.1
F5 Big Ip Analytics	Version 11.5.3
F5 Big Ip Analytics	Version 11.6.0
F5 Big Ip Application Acceleration Manager	Version 11.5.1
F5 Big Ip Application Acceleration Manager	Version 11.5.3
F5 Big Ip Application Acceleration Manager	Version 11.6.0
F5 Big Ip Application Security Manager	Version 11.5.1
F5 Big Ip Application Security Manager	Version 11.5.3
F5 Big Ip Application Security Manager	Version 11.6.0
F5 Big Ip Global Traffic Manager	Version 11.5.1
F5 Big Ip Global Traffic Manager	Version 11.5.3
F5 Big Ip Global Traffic Manager	Version 11.6.0
F5 Big Ip Link Controller	Version 11.5.1
F5 Big Ip Link Controller	Version 11.5.3
F5 Big Ip Link Controller	Version 11.6.0
F5 Big Ip Local Traffic Manager	Version 11.5.1
F5 Big Ip Local Traffic Manager	Version 11.5.3
F5 Big Ip Local Traffic Manager	Version 11.6.0
F5 Big Iq Adc	Version 4.5.0
F5 Big Iq Cloud	Version 4.4.0
F5 Big Iq Cloud	Version 4.5.0
F5 Big Iq Device	Version 4.4.0
F5 Big Iq Device	Version 4.5.0
F5 Big Iq Security	Version 4.4.0
F5 Big Iq Security	Version 4.5.0

Related CWEs

CWE-399

References (4)

http://www.securitytracker.com/id/1033334

Source: cve@mitre.org

https://support.f5.com/kb/en-us/solutions/public/17000/000/sol17047.html

Source: cve@mitre.org

Vendor Advisory

http://www.securitytracker.com/id/1033334

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.f5.com/kb/en-us/solutions/public/17000/000/sol17047.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.