CVE-2018-5524
published 2018-06-01CVE-2018-5524: Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, virtual servers configured with Client SSL or Server SSL…
medium5.3CVSS 3.0
AVNACLPRNUINSUCNINAL
Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, virtual servers configured with Client SSL or Server SSL profiles which make use of network hardware security module (HSM) functionality are exposed and impacted by this issue.
Affected
44 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-ip_aam | — | — |
| f5 | big-ip_access_policy_manager | 11.6.1 – 11.6.3 | — |
| f5 | big-ip_access_policy_manager | 12.1.0 – 12.1.3 | — |
| f5 | big-ip_access_policy_manager | 13.0.0 – 13.0.1 | — |
| f5 | big-ip_advanced_firewall_manager | 11.6.1 – 11.6.3 | — |
| f5 | big-ip_advanced_firewall_manager | 12.1.0 – 12.1.3 | — |
| f5 | big-ip_advanced_firewall_manager | 13.0.0 – 13.0.1 | — |
| f5 | big-ip_afm | — | — |
| f5 | big-ip_analytics | — | — |
| f5 | big-ip_analytics | 11.6.1 – 11.6.3 | — |
| f5 | big-ip_analytics | 12.1.0 – 12.1.3 | — |
| f5 | big-ip_analytics | 13.0.0 – 13.0.1 | — |
| f5 | big-ip_apm | — | — |
| f5 | big-ip_application_acceleration_manager | 11.6.1 – 11.6.3 | — |
| f5 | big-ip_application_acceleration_manager | 12.1.0 – 12.1.3 | — |
| f5 | big-ip_application_acceleration_manager | 13.0.0 – 13.0.1 | — |
| f5 | big-ip_application_security_manager | 11.6.1 – 11.6.3 | — |
| f5 | big-ip_application_security_manager | 12.1.0 – 12.1.3 | — |
| f5 | big-ip_application_security_manager | 13.0.0 – 13.0.1 | — |
| f5 | big-ip_asm | — | — |
| f5 | big-ip_edge_gateway | — | — |
| f5 | big-ip_edge_gateway | 11.6.1 – 11.6.3 | — |
| f5 | big-ip_edge_gateway | 12.1.0 – 12.1.3 | — |
| f5 | big-ip_edge_gateway | 13.0.0 – 13.0.1 | — |
| f5 | big-ip_fps | — | — |