TMM Crash Vulnerability in F5 BIG-IP Products
CVE-2018-5522
Key Information:
- Vendor
- F5
- Vendor
- CVE Published:
- 1 June 2018
Summary
A vulnerability exists in F5 BIG-IP where the Traffic Management Microkernel (TMM) can crash when processing DIAMETER transactions containing specially crafted attribute-value pairs. This flaw affects various versions of BIG-IP across multiple releases, creating a potential denial of service scenario and impacting the availability of services relying on the affected products.
Affected Version(s)
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 13.0.0
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 12.0.0-12.1.2
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 11.6.1-11.6.3.1
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved