CVE-2018-5537

Summary

A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some specially prepared HTML content from the back end.

Affected Software

VendorProductVersion RangeStatus
F5 Networks, Inc.BIG-IP (LTM, AAM, AFM, APM, ASM, Edge Gateway, GTM, PEM, WebAccelerator, WebSafe)13.0.0-13.1.0.5affected
F5 Networks, Inc.BIG-IP (LTM, AAM, AFM, APM, ASM, Edge Gateway, GTM, PEM, WebAccelerator, WebSafe)12.1.0-12.1.3.5affected
F5 Networks, Inc.BIG-IP (LTM, AAM, AFM, APM, ASM, Edge Gateway, GTM, PEM, WebAccelerator, WebSafe)11.6.0-11.6.3.1affected
F5 Networks, Inc.BIG-IP (LTM, AAM, AFM, APM, ASM, Edge Gateway, GTM, PEM, WebAccelerator, WebSafe)11.2.1-11.5.6affected

Weaknesses

  • DoS

ADP Enrichment

CVE Program Container

Additional References

References