Details of VAR-201803-1811

ID

VAR-201803-1811

CVE

CVE-2018-5509

TITLE

plural F5 BIG-IP Vulnerability related to input validation in products

Trust: 0.8

sources: JVNDB: JVNDB-2018-003490

DESCRIPTION

On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically configured virtual server receives traffic of an undisclosed nature, TMM will crash and take the configured failover action, potentially causing a denial of service. The configuration which exposes this issue is not common and in general does not work when enabled in previous versions of BIG-IP. Starting in 12.1.0, BIG-IP will crash if the configuration which exposes this issue is enabled and the virtual server receives non TCP traffic. With the fix of this issue, additional configuration validation logic has been added to prevent this configuration from being applied to a virtual server. There is only data plane exposure to this issue with a non-standard configuration. There is no control plane exposure. plural F5 BIG-IP The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. F5BIG-IPLTM and other products are products of American F5 Company. F5BIG-IPLTM is a local traffic manager; BIG-IPAAM is an application acceleration manager. There are security vulnerabilities in several F5 products. An attacker could exploit the vulnerability to cause TMM to crash and fail over, resulting in a denial of service. F5 BIG-IP LTM, etc. The following products and versions are affected: F5 BIG-IP LTM version 13.0.0 and 12.1.0 through 12.1.3.1; BIG-IP AAM version 13.0.0 and 12.1.0 through 12.1.3.1; BIG-IP AFM 13.0.0 and 12.1.0 through 12.1.3.1; BIG-IP APM 13.0.0 and 12.1.0 through 12.1.3.1; BIG-IP ASM 13.0.0 and 12.1.0 through 12.1. Version 3.1; BIG-IP Link Controller Version 13.0.0 and Version 12.1.0 through Version 12.1.3.1; BIG-IP PEM Version 13.0.0 and Version 12.1.0 through Version 12.1.3.1; BIG-IP WebSafe Version 13.0.0 and versions 12.1.0 through 12.1.3.1

Trust: 2.52

sources: NVD: CVE-2018-5509 // JVNDB: JVNDB-2018-003490 // CNVD: CNVD-2018-06872 // BID: 103504 // VULHUB: VHN-135540

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-06872

AFFECTED PRODUCTS

vendor:	f5	model:	big-ip websafe	scope:	eq	version:	1.0.0	Trust: 1.6
vendor:	f5	model:	big-ip websafe	scope:	eq	version:	13.0.0	Trust: 1.4
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	13.0.0	Trust: 1.4
vendor:	f5	model:	big-ip access policy manager	scope:	lt	version:	13.1.0.4	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lt	version:	12.1.3.2	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lt	version:	13.1.0.4	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lt	version:	12.1.3.2	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lt	version:	12.1.3.2	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lt	version:	12.1.3.2	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lt	version:	13.1.0.4	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lt	version:	13.1.0.4	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lt	version:	13.1.0.4	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lt	version:	13.1.0.4	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lt	version:	12.1.3.2	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lt	version:	13.1.0.4	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lt	version:	12.1.3.2	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lt	version:	12.3.1.2	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.1.1	Trust: 0.9
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	12.1.0 to 12.1.3	Trust: 0.8
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	13.0.0	Trust: 0.8
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	12.1.0 to 12.1.3	Trust: 0.8
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	13.0.0	Trust: 0.8
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	12.1.0 to 12.1.3	Trust: 0.8
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	13.0.0	Trust: 0.8
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	12.1.0 to 12.1.3	Trust: 0.8
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	13.0.0	Trust: 0.8
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.1.0 to 12.1.3	Trust: 0.8
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	12.1.0 to 12.1.3	Trust: 0.8
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	13.0.0	Trust: 0.8
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	12.1.0 to 12.1.3	Trust: 0.8
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	13.0.0	Trust: 0.8
vendor:	f5	model:	big-ip websafe	scope:	eq	version:	12.1.0 to 12.1.3	Trust: 0.8
vendor:	f5	model:	big-ip apm	scope:	eq	version:	13.0.0	Trust: 0.6
vendor:	f5	model:	big-ip aam	scope:	eq	version:	13.0.0	Trust: 0.6
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	13.0.0	Trust: 0.6
vendor:	f5	model:	big-ip afm	scope:	eq	version:	13.0.0	Trust: 0.6
vendor:	f5	model:	big-ip asm	scope:	eq	version:	13.0.0	Trust: 0.6
vendor:	f5	model:	big-ip pem	scope:	eq	version:	13.0.0	Trust: 0.6
vendor:	f5	model:	big-ip asm	scope:	gte	version:	12.1.0,<=12.1.3.1	Trust: 0.6
vendor:	f5	model:	big-ip ltm	scope:	gte	version:	12.1.0,<=12.1.3.1	Trust: 0.6
vendor:	f5	model:	big-ip aam	scope:	gte	version:	12.1.0,<=12.1.3.1	Trust: 0.6
vendor:	f5	model:	big-ip afm	scope:	gte	version:	12.1.0,<=12.1.3.1	Trust: 0.6
vendor:	f5	model:	big-ip apm	scope:	gte	version:	12.1.0,<=12.1.3.1	Trust: 0.6
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	12.1.0,<=12.1.3.1	Trust: 0.6
vendor:	f5	model:	big-ip pem	scope:	gte	version:	12.1.0,<=12.1.3.1	Trust: 0.6
vendor:	f5	model:	big-ip websafe	scope:	gte	version:	12.1.0,<=12.1.3.1	Trust: 0.6
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	12.1.1	Trust: 0.6
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	12.1.1	Trust: 0.6
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	12.1.1	Trust: 0.6
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	12.1.1	Trust: 0.6
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	12.1.1	Trust: 0.6
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	12.1.1	Trust: 0.6
vendor:	f5	model:	big-ip websafe	scope:	eq	version:	13.0	Trust: 0.3
vendor:	f5	model:	big-ip websafe	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	f5	model:	big-ip websafe	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip websafe	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip websafe hf2	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip websafe hf1	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip websafe	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	13.0	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip pem hf2	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip pem hf1	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	13.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf2	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf1	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	13.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf2	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf1	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	13.0.0	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	eq	version:	13.0	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	13.0	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip asm hf2	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip asm hf1	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip asm hf1	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	13.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip apm hf2	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip apm hf1	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	13.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	13.0	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip afm hf2	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip afm hf1	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	13.0	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip aam hf2	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip aam hf1	scope:	eq	version:	12.1	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip websafe	scope:	ne	version:	13.1	Trust: 0.3
vendor:	f5	model:	big-ip websafe	scope:	ne	version:	12.1.3.2	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	ne	version:	13.1	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	ne	version:	12.1.3.2	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	ne	version:	13.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	ne	version:	12.1.3.2	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	ne	version:	13.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	ne	version:	12.1.3.2	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	ne	version:	13.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	ne	version:	12.1.3.2	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	ne	version:	13.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	ne	version:	12.1.3.2	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	ne	version:	13.1	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	ne	version:	12.1.3.2	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	ne	version:	13.1	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	ne	version:	12.1.3.2	Trust: 0.3

sources: CNVD: CNVD-2018-06872 // BID: 103504 // JVNDB: JVNDB-2018-003490 // CNNVD: CNNVD-201803-788 // NVD: CVE-2018-5509

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-5509
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-5509
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-06872
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201803-788
value:	HIGH
Trust: 0.6
VULHUB:	VHN-135540
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-5509
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-06872
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-135540
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-5509
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-06872 // VULHUB: VHN-135540 // JVNDB: JVNDB-2018-003490 // CNNVD: CNNVD-201803-788 // NVD: CVE-2018-5509

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-135540 // JVNDB: JVNDB-2018-003490 // NVD: CVE-2018-5509

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-788

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201803-788

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-003490

PATCH

title:	K49440608	url:	https://support.f5.com/csp/article/K49440608	Trust: 0.8
title:	Patch for F5BIG-IP Denial of Service Vulnerability (CNVD-2018-06872)	url:	https://www.cnvd.org.cn/patchInfo/show/124597	Trust: 0.6
title:	Multiple F5 Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79356	Trust: 0.6

sources: CNVD: CNVD-2018-06872 // JVNDB: JVNDB-2018-003490 // CNNVD: CNNVD-201803-788

EXTERNAL IDS

db:	NVD	id:	CVE-2018-5509	Trust: 3.4
db:	BID	id:	103504	Trust: 2.0
db:	SECTRACK	id:	1040562	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-003490	Trust: 0.8
db:	CNVD	id:	CNVD-2018-06872	Trust: 0.6
db:	NSFOCUS	id:	39194	Trust: 0.6
db:	CNNVD	id:	CNNVD-201803-788	Trust: 0.6
db:	VULHUB	id:	VHN-135540	Trust: 0.1

sources: CNVD: CNVD-2018-06872 // VULHUB: VHN-135540 // BID: 103504 // JVNDB: JVNDB-2018-003490 // CNNVD: CNNVD-201803-788 // NVD: CVE-2018-5509

REFERENCES

url:	https://support.f5.com/csp/article/k49440608	Trust: 2.0
url:	http://www.securityfocus.com/bid/103504	Trust: 1.1
url:	http://www.securitytracker.com/id/1040562	Trust: 1.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5509	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5509	Trust: 0.8
url:	https://securitytracker.com/id/1040562	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/39194	Trust: 0.6
url:	http://www.f5.com/products/big-ip/	Trust: 0.3

sources: CNVD: CNVD-2018-06872 // VULHUB: VHN-135540 // BID: 103504 // JVNDB: JVNDB-2018-003490 // CNNVD: CNNVD-201803-788 // NVD: CVE-2018-5509

CREDITS

The vendor reported the issue.

Trust: 0.3

sources: BID: 103504

SOURCES

db:	CNVD	id:	CNVD-2018-06872
db:	VULHUB	id:	VHN-135540
db:	BID	id:	103504
db:	JVNDB	id:	JVNDB-2018-003490
db:	CNNVD	id:	CNNVD-201803-788
db:	NVD	id:	CVE-2018-5509

LAST UPDATE DATE

2024-11-23T22:22:11.416000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-06872	date:	2018-04-02T00:00:00
db:	VULHUB	id:	VHN-135540	date:	2018-04-20T00:00:00
db:	BID	id:	103504	date:	2018-03-22T00:00:00
db:	JVNDB	id:	JVNDB-2018-003490	date:	2018-05-24T00:00:00
db:	CNNVD	id:	CNNVD-201803-788	date:	2018-03-23T00:00:00
db:	NVD	id:	CVE-2018-5509	date:	2024-11-21T04:08:57.197

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-06872	date:	2018-04-02T00:00:00
db:	VULHUB	id:	VHN-135540	date:	2018-03-22T00:00:00
db:	BID	id:	103504	date:	2018-03-22T00:00:00
db:	JVNDB	id:	JVNDB-2018-003490	date:	2018-05-24T00:00:00
db:	CNNVD	id:	CNNVD-201803-788	date:	2018-03-23T00:00:00
db:	NVD	id:	CVE-2018-5509	date:	2018-03-22T18:29:00.793