CVE-2018-5508

Published: Apr 13, 2018Modified: Nov 21, 2024

5.9

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

On F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.5.1-11.5.5, or 11.2.1, under certain conditions, TMM may crash when processing compressed data though a Virtual Server with an associated PEM profile using the content insertion option.

Affected (5)

Products: F5: Big Ip Policy Enforcement Manager

1 product

Big Ip Policy Enforcement Manager

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
F5 Big Ip Policy Enforcement Manager	From 11.5.1 to 11.5.5
F5 Big Ip Policy Enforcement Manager	From 11.6.0 to 11.6.2
F5 Big Ip Policy Enforcement Manager	From 12.0.0 to 12.1.3
F5 Big Ip Policy Enforcement Manager	Version 11.2.1
F5 Big Ip Policy Enforcement Manager	Version 13.0.0

References (2)

https://support.f5.com/csp/article/K10329515

Source: f5sirt@f5.com

Vendor Advisory

https://support.f5.com/csp/article/K10329515

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.