CVE-2018-5538 — F5 Big-ip Domain Name System vulnerability

4 documents4 sources

Severity

3.7LOWNVD

EPSS

0.4%

top 40.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F5 Big-ip Domain Name System F5 Big-ip Global Traffic Manager F5 Big-ip Link Controller +2 more

Timeline

PublishedJul 25

Latest updateMay 13

Description

On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS Zones accept NOTIFY messages on the management interface from source IP addresses not listed in the 'Allow NOTIFY From' configuration parameter when the db variable "dnsexpress.notifyport" is set to any value other than the default of "0".

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages5 packages

▶NVDf5/big-ip_link_controller12.1.3 — 12.1.3.5+1

▶NVDf5/big-ip_domain_name_system12.1.3 — 12.1.3.5+1

▶NVDf5/big-ip_local_traffic_manager12.1.3 — 12.1.3.5+1

▶NVDf5/big-ip_global_traffic_manager12.1.3 — 12.1.3.5+1

▶CVEListV5f5_networks_inc/big-ip12.1.3-12.1.3.5, 13.1.0-13.1.0.7+1

🔴Vulnerability Details

GHSA

GHSA-vjx8-8j32-57mf: On F5 BIG-IP DNS 13↗2022-05-13

▶

CVEList

CVE-2018-5538: On F5 BIG-IP DNS 13↗2018-07-25

▶

📋Vendor Advisories

CVE-2018-5538: On F5 BIG-IP DNS 13↗2018-07-25

▶