← Back

CVE-2018-5541

nvd nist
Published: Jul 25, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.5.1-11.5.6 is processing HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process.

Affected (4)

F5
1 product
Big Ip Application Security Manager
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
F5
Big Ip Application Security Manager
From 11.5.1 to 11.5.5
Big Ip Application Security Manager
From 11.6.1 to 11.6.3
Big Ip Application Security Manager
From 12.1.0 to 12.1.3
Big Ip Application Security Manager
From 13.0.0 to 13.1.0

Related CWEs

CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (4)

Source: f5sirt@f5.com
Third Party AdvisoryVDB Entry
Source: f5sirt@f5.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.