CVE-2018-5524

Summary

Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, virtual servers configured with Client SSL or Server SSL profiles which make use of network hardware security module (HSM) functionality are exposed and impacted by this issue.

Affected Software

VendorProductVersion RangeStatus
F5 Networks, Inc.BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, Edge Gateway, FPS, Link Controller, PEM, WebAccelerator)13.0.0-13.1.0.5affected
F5 Networks, Inc.BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, Edge Gateway, FPS, Link Controller, PEM, WebAccelerator)12.1.0-12.1.3.1affected
F5 Networks, Inc.BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, Edge Gateway, FPS, Link Controller, PEM, WebAccelerator)11.6.1 HF2-11.6.3.1affected

Weaknesses

  • DoS

ADP Enrichment

CVE Program Container

Additional References

References