CVE-2015-5516
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, and 11.3.0, BIG-IP PSM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, and 11.4.x before 11.4.1 HF, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 might allow remote attackers to cause a denial of service (memory consumption) via a large number of crafted UDP packets.
Affected (193)
Products: F5: Big Iq Application Delivery Controller, Big Ip Local Traffic Manager, Big Ip Access Policy Manager, Big Ip Edge Gateway, Big Ip Application Security Manager, Big Iq Security, Big Ip Wan Optimization Manager, Big Ip Global Traffic Manager, Big Ip Link Controller, Big Ip Advanced Firewall Manager, Big Ip Policy Enforcement Manager, Big Iq Cloud, Big Ip Application Acceleration Manager, Big Iq Device, Big Ip Enterprise Manager, Big Ip Webaccelerator, Big Ip Analytics, Big Ip Protocol Security Module
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.5.0 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.0.0 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.1.0 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.1.0 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.1.0 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0.0 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.1.0 |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.1.0 |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.1.0 |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0.0 |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.4.0 |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.2.0 |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.0.0 |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.1.0 |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.0.0 |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.1.0 |
Related CWEs
References (6)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.