Details of VAR-201804-1265

ID

VAR-201804-1265

CVE

CVE-2018-5510

TITLE

F5 BIG-IP Product Traffic Management Microkernel Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-004096

DESCRIPTION

On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel (TMM) may restart when processing a specific sequence of packets on IPv6 virtual servers. F5BIG-IPAnalytics is a set of web application performance analysis software from F5. The software provides detailed analysis of performance metrics such as transactions per second, server latency, page load time, and response throughput. TrafficManagementMicrokernel (TMM) is one of the service processes that perform traffic management. There are security vulnerabilities in TMM in several F5 products. An attacker could exploit this vulnerability to cause the TrafficManagementMicrokernel to restart. The following products and versions are affected: F5 BIG-IP Analytics 11.5.4 HF4 through 11.5.5; BIG-IP LTM 11.5.4 HF4 through 11.5.5; BIG-IP AAM 11.5.4 HF4 through 11.5. 5 version; BIG-IP AFM version 11.5.4 HF4 to version 11.5.5; BIG-IP APM version 11.5.4 HF4 to version 11.5.5; BIG-IP ASM version 11.5.4 HF4 to version 11.5.5; IP DNS 11.5.4 HF4 to 11.5.5; BIG-IP Edge 11.5.4 HF4 to 11.5.5; BIG-IP Gateway 11.5.4 HF4 to 11.5.5; BIG-IP GTM Link Controller 11.5 .4 HF4 through 11.5.5; BIG-IP PEM 11.5.4 HF4 through 11.5.5; BIG-IP WebAccelerator 11.5.4 HF4 through 11.5.5; BIG-IP WebSafe 11.5.4 HF4 through Version 11.5.5

Trust: 2.25

sources: NVD: CVE-2018-5510 // JVNDB: JVNDB-2018-004096 // CNVD: CNVD-2018-09407 // VULHUB: VHN-135541

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-09407

AFFECTED PRODUCTS

vendor:	f5	model:	big-ip domain name system	scope:	eq	version:	11.5.4	Trust: 1.6
vendor:	f5	model:	big-ip websafe	scope:	eq	version:	11.5.5	Trust: 1.6
vendor:	f5	model:	big-ip domain name system	scope:	eq	version:	11.5.5	Trust: 1.6
vendor:	f5	model:	big-ip websafe	scope:	eq	version:	11.5.4	Trust: 1.6
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip domain name system	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip websafe	scope:	eq	version:	11.5.4 hf4 to 11.5.5	Trust: 0.8
vendor:	f5	model:	big-ip hf4,<=11.5.5	scope:	gte	version:	11.5.4	Trust: 0.6

sources: CNVD: CNVD-2018-09407 // JVNDB: JVNDB-2018-004096 // CNNVD: CNNVD-201804-703 // NVD: CVE-2018-5510

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-5510
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-5510
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-09407
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201804-703
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-135541
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-5510
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-09407
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-135541
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-5510
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-09407 // VULHUB: VHN-135541 // JVNDB: JVNDB-2018-004096 // CNNVD: CNNVD-201804-703 // NVD: CVE-2018-5510

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-135541 // JVNDB: JVNDB-2018-004096 // NVD: CVE-2018-5510

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-703

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201804-703

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004096

PATCH

title:	K77671456	url:	https://support.f5.com/csp/article/K77671456	Trust: 0.8
title:	Patch for various F5 products TrafficManagementMicrokernel Denial of Service Vulnerability (CNVD-2018-09407)	url:	https://www.cnvd.org.cn/patchInfo/show/128795	Trust: 0.6
title:	Multiple F5 product Traffic Management Microkernel Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80112	Trust: 0.6

sources: CNVD: CNVD-2018-09407 // JVNDB: JVNDB-2018-004096 // CNNVD: CNNVD-201804-703

EXTERNAL IDS

db:	NVD	id:	CVE-2018-5510	Trust: 3.1
db:	JVNDB	id:	JVNDB-2018-004096	Trust: 0.8
db:	CNVD	id:	CNVD-2018-09407	Trust: 0.6
db:	CNNVD	id:	CNNVD-201804-703	Trust: 0.6
db:	VULHUB	id:	VHN-135541	Trust: 0.1

sources: CNVD: CNVD-2018-09407 // VULHUB: VHN-135541 // JVNDB: JVNDB-2018-004096 // CNNVD: CNNVD-201804-703 // NVD: CVE-2018-5510

REFERENCES

url:	https://support.f5.com/csp/article/k77671456	Trust: 2.3
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5510	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5510	Trust: 0.8

sources: CNVD: CNVD-2018-09407 // VULHUB: VHN-135541 // JVNDB: JVNDB-2018-004096 // CNNVD: CNNVD-201804-703 // NVD: CVE-2018-5510

SOURCES

db:	CNVD	id:	CNVD-2018-09407
db:	VULHUB	id:	VHN-135541
db:	JVNDB	id:	JVNDB-2018-004096
db:	CNNVD	id:	CNNVD-201804-703
db:	NVD	id:	CVE-2018-5510

LAST UPDATE DATE

2024-11-23T22:34:17.852000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-09407	date:	2018-05-14T00:00:00
db:	VULHUB	id:	VHN-135541	date:	2018-05-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-004096	date:	2018-06-11T00:00:00
db:	CNNVD	id:	CNNVD-201804-703	date:	2018-04-16T00:00:00
db:	NVD	id:	CVE-2018-5510	date:	2024-11-21T04:08:57.393

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-09407	date:	2018-05-14T00:00:00
db:	VULHUB	id:	VHN-135541	date:	2018-04-13T00:00:00
db:	JVNDB	id:	JVNDB-2018-004096	date:	2018-06-11T00:00:00
db:	CNNVD	id:	CNNVD-201804-703	date:	2018-04-16T00:00:00
db:	NVD	id:	CVE-2018-5510	date:	2018-04-13T13:29:00.800