cbcvebase.
CVE-2018-5537
published 2018-07-25

CVE-2018-5537: A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is…

medium5.3CVSS 3.0
AVNACHPRNUIRSUCNINAH
A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some specially prepared HTML content from the back end.

Affected

50 ranges· showing 25
VendorProductVersion rangeFixed in
f5big-ip_aam
f5big-ip_access_policy_manager11.2.1 – 11.5.6
f5big-ip_access_policy_manager11.6.0 – 11.6.3.1
f5big-ip_access_policy_manager12.1.0 – 12.1.3.5
f5big-ip_access_policy_manager13.0.0 – 13.1.0.5
f5big-ip_advanced_firewall_manager11.2.1 – 11.5.6
f5big-ip_advanced_firewall_manager11.6.0 – 11.6.3.1
f5big-ip_advanced_firewall_manager12.1.0 – 12.1.2
f5big-ip_advanced_firewall_manager13.0.0 – 13.1.0.5
f5big-ip_afm
f5big-ip_apm
f5big-ip_application_acceleration_manager11.2.1 – 11.5.6
f5big-ip_application_acceleration_manager11.6.0 – 11.6.3.1
f5big-ip_application_acceleration_manager12.1.0 – 12.1.3.5
f5big-ip_application_acceleration_manager13.0.0 – 13.1.0.5
f5big-ip_application_security_manager10.1.0 – 11.5.6
f5big-ip_application_security_manager11.6.0 – 11.6.3.1
f5big-ip_application_security_manager12.1.0 – 12.1.3.5
f5big-ip_application_security_manager13.0.0 – 13.1.0.5
f5big-ip_asm
f5big-ip_edge_gateway
f5big-ip_edge_gateway11.2.1 – 11.5.6
f5big-ip_edge_gateway11.6.0 – 11.6.3.1
f5big-ip_edge_gateway12.1.0 – 12.1.3.5
f5big-ip_edge_gateway13.0.0 – 13.1.0.5