cbcvebase.
CVE-2018-15330
published 2018-12-20

CVE-2018-15330: On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a virtual server using the inflate functionality to process a gzip bomb as a payload, the…

high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a virtual server using the inflate functionality to process a gzip bomb as a payload, the BIG-IP system will experience a fatal error and may cause the Traffic Management Microkernel (TMM) to produce a core file.

Affected

52 ranges· showing 25
VendorProductVersion rangeFixed in
f5big-ip_aam
f5big-ip_access_policy_manager12.1.0 – 12.1.3.7
f5big-ip_access_policy_manager13.0.0 – 13.1.1.1
f5big-ip_access_policy_manager14.0.0 – 14.0.0.2
f5big-ip_advanced_firewall_manager12.1.0 – 12.1.3.7
f5big-ip_advanced_firewall_manager13.0.0 – 13.1.1.1
f5big-ip_advanced_firewall_manager14.0.0 – 14.0.0.2
f5big-ip_afm
f5big-ip_analytics
f5big-ip_analytics12.1.0 – 12.1.3.7
f5big-ip_analytics13.0.0 – 13.1.1.1
f5big-ip_analytics14.0.0 – 14.0.0.2
f5big-ip_apm
f5big-ip_application_acceleration_manager12.1.0 – 12.1.3.7
f5big-ip_application_acceleration_manager13.0.0 – 13.1.1.1
f5big-ip_application_acceleration_manager14.0.0 – 14.0.0.2
f5big-ip_application_security_manager12.1.0 – 12.1.3.7
f5big-ip_application_security_manager13.0.0 – 13.1.1.1
f5big-ip_application_security_manager14.0.0 – 14.0.0.2
f5big-ip_asm
f5big-ip_dns
f5big-ip_domain_name_system12.1.0 – 12.1.3.7
f5big-ip_domain_name_system13.0.0 – 13.1.1.1
f5big-ip_domain_name_system14.0.0 – 14.0.0.2
f5big-ip_edge_gateway