Details of VAR-201807-2203

ID

VAR-201807-2203

CVE

CVE-2018-5538

TITLE

plural F5 BIG-IP Vulnerabilities related to security functions in products

Trust: 0.8

sources: JVNDB: JVNDB-2018-008087

DESCRIPTION

On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS Zones accept NOTIFY messages on the management interface from source IP addresses not listed in the 'Allow NOTIFY From' configuration parameter when the db variable "dnsexpress.notifyport" is set to any value other than the default of "0". plural F5 BIG-IP The product contains vulnerabilities related to security functions.Information may be tampered with. F5BIG-IP is an all-in-one network device that integrates network traffic management, application security management, load balancing and other functions. BIG-IPDNS is one of the traffic managers. A security vulnerability exists in F5BIG-IPDNS version 13.1.0 to 13.1.0.7 and 12.1.3 to 12.1.3.5. The vulnerability stems from setting the database variable 'dnsexpress.notifyport' to something other than the default '0' value. The source IP address of the NOTIF message received by DNSExpress/DNSZones on the management interface is not in the configuration parameter 'AllowNOTIFYFrom'. This vulnerability could be exploited by an attacker to cause DNS Express to continuously detect updates. Multiple F5 BIG-IP Products are prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks

Trust: 2.52

sources: NVD: CVE-2018-5538 // JVNDB: JVNDB-2018-008087 // CNVD: CNVD-2018-21231 // BID: 107012 // VULHUB: VHN-135569

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-21231

AFFECTED PRODUCTS

vendor:	f5	model:	big-ip global traffic manager	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gt	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	12.1.3	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	12.1.3	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	12.1.3	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	12.1.3	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip global traffic manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip link controller	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip local traffic manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip dns	scope:	gte	version:	13.1.0,<=13.1.0.7	Trust: 0.6
vendor:	f5	model:	big-ip dns	scope:	gte	version:	12.1.3<=12.1.3.5	Trust: 0.6
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	13.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	13.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	13.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	eq	version:	13.1	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	ne	version:	13.1.0.8	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	ne	version:	12.1.3.6	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	ne	version:	13.1.0.8	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	ne	version:	12.1.3.6	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	ne	version:	13.1.0.8	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	ne	version:	12.1.3.6	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	ne	version:	13.1.0.8	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	ne	version:	12.1.3.6	Trust: 0.3

sources: CNVD: CNVD-2018-21231 // BID: 107012 // JVNDB: JVNDB-2018-008087 // NVD: CVE-2018-5538

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-5538
value:	LOW
Trust: 1.0
NVD:	CVE-2018-5538
value:	LOW
Trust: 0.8
CNVD:	CNVD-2018-21231
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201807-1842
value:	LOW
Trust: 0.6
VULHUB:	VHN-135569
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-5538
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-21231
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-135569
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-5538
baseSeverity:	LOW
baseScore:	3.7
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-21231 // VULHUB: VHN-135569 // JVNDB: JVNDB-2018-008087 // CNNVD: CNNVD-201807-1842 // NVD: CVE-2018-5538

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-254	Trust: 0.9

sources: VULHUB: VHN-135569 // JVNDB: JVNDB-2018-008087 // NVD: CVE-2018-5538

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201807-1842

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201807-1842

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-008087

PATCH

title:	K45435121	url:	https://support.f5.com/csp/article/K45435121	Trust: 0.8
title:	F5BIG-IPDNS design vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/142761	Trust: 0.6
title:	F5 BIG-IP DNS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82620	Trust: 0.6

sources: CNVD: CNVD-2018-21231 // JVNDB: JVNDB-2018-008087 // CNNVD: CNNVD-201807-1842

EXTERNAL IDS

db:	NVD	id:	CVE-2018-5538	Trust: 3.4
db:	JVNDB	id:	JVNDB-2018-008087	Trust: 0.8
db:	CNNVD	id:	CNNVD-201807-1842	Trust: 0.7
db:	CNVD	id:	CNVD-2018-21231	Trust: 0.6
db:	BID	id:	107012	Trust: 0.3
db:	VULHUB	id:	VHN-135569	Trust: 0.1

sources: CNVD: CNVD-2018-21231 // VULHUB: VHN-135569 // BID: 107012 // JVNDB: JVNDB-2018-008087 // CNNVD: CNNVD-201807-1842 // NVD: CVE-2018-5538

REFERENCES

url:	https://support.f5.com/csp/article/k45435121	Trust: 2.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5538	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5538	Trust: 0.8
url:	http://www.f5.com/products/big-ip/	Trust: 0.3

sources: CNVD: CNVD-2018-21231 // VULHUB: VHN-135569 // BID: 107012 // JVNDB: JVNDB-2018-008087 // CNNVD: CNNVD-201807-1842 // NVD: CVE-2018-5538

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 107012

SOURCES

db:	CNVD	id:	CNVD-2018-21231
db:	VULHUB	id:	VHN-135569
db:	BID	id:	107012
db:	JVNDB	id:	JVNDB-2018-008087
db:	CNNVD	id:	CNNVD-201807-1842
db:	NVD	id:	CVE-2018-5538

LAST UPDATE DATE

2024-11-23T22:12:26.838000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-21231	date:	2018-10-18T00:00:00
db:	VULHUB	id:	VHN-135569	date:	2019-10-03T00:00:00
db:	BID	id:	107012	date:	2018-07-25T00:00:00
db:	JVNDB	id:	JVNDB-2018-008087	date:	2018-10-09T00:00:00
db:	CNNVD	id:	CNNVD-201807-1842	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2018-5538	date:	2024-11-21T04:09:01.617

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-21231	date:	2018-10-18T00:00:00
db:	VULHUB	id:	VHN-135569	date:	2018-07-25T00:00:00
db:	BID	id:	107012	date:	2018-07-25T00:00:00
db:	JVNDB	id:	JVNDB-2018-008087	date:	2018-10-09T00:00:00
db:	CNNVD	id:	CNNVD-201807-1842	date:	2018-07-26T00:00:00
db:	NVD	id:	CVE-2018-5538	date:	2018-07-25T14:29:00.383