CVE-2018-5514

Summary

On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue.

Affected Software

VendorProductVersion RangeStatus
F5 Networks, Inc.BIG-IP (LTM, AAM, AFM, APM, ASM, Link Controller, PEM, WebAccelerator, WebSafe)13.1.0-13.1.0.5affected

Weaknesses

  • DoS

ADP Enrichment

CVE Program Container

Additional References

References