K72442354 : TMM vulnerability CVE-2018-15320

2018-10-3000:00:00

my.f5.com

0.001 Low

EPSS

Percentile

47.2%

JSON

Security Advisory Description

Undisclosed traffic patterns may lead to denial of service conditions for the BIG-IP system. The configuration which exposes this condition is the BIG-IP self IP address which is part of a VLAN group and has the Port Lockdown setting configured with anything other than “allow-all”. (CVE-2018-15320)

Impact

BIG-IP

The data plane of the BIG-IP virtual servers and the management address are not affected. The BIG-IP self IP address that has the Port Lockdown setting configured with anything other thanallow-all is affected by this vulnerability.

BIG-IQ / iWorkflow / Enterprise Manager / Traffix SDC

There is no impact on these F5 products; they are not affected by this vulnerability.

CPENameOperatorVersion
big-iq centralized managementeq4.6.0
big-iq centralized managementeq5.0.0
big-iq centralized managementeq5.1.0
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-iq centralized managementeq6.0.0
big-iq centralized managementeq6.0.1
big-ip afmeq11.5.1
big-ip afmeq11.5.2

Name	Operator	Version
big-iq centralized management	eq	4.6.0
big-iq centralized management	eq	5.0.0
big-iq centralized management	eq	5.1.0
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-iq centralized management	eq	6.0.0
big-iq centralized management	eq	6.0.1
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.2

Rows per page:

1-10 of 2091

0.001 Low

EPSS

Percentile

47.2%

JSON

Related for F5:K72442354