Denial-of-Service Risk in F5 BIG-IP Systems Due to Websockets Handling Issue
CVE-2018-5504

8.1HIGH

Key Information:

Vendor: F5
Status: Big-ip (ltm, Aam, Afm, Analytics, Apm, Asm, Dns, Edge Gateway, Gtm, Link Controller, Pem, Webaccelerator, Websafe)
Vendor: CVE Published:; 22 March 2018

What is CVE-2018-5504?

The Traffic Management Microkernel (TMM) in F5 BIG-IP systems is susceptible to vulnerabilities when handling malformed Websockets requests and responses. This could potentially allow remote attackers to trigger denial-of-service conditions or execute arbitrary code, particularly affecting specific versions of the BIG-IP software. Users of affected versions should apply available patches to mitigate risks.

Affected Version(s)

BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 13.0.0 - 13.1.0.3

BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 12.1.0 - 12.1.3.1

References

http://www.securitytracker.com/id/1040558

vdb-entryx_refsource_SECTRACK

https://support.f5.com/csp/article/K11718033

x_refsource_CONFIRM

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 22, 2018
Vulnerability Reserved
Jan 12, 2018