VAR-201803-1814
Vulnerability from variot - Updated: 2023-12-18 13:52On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client certificate authentication is not enabled by default in Client SSL profile. There is no control plane exposure. plural F5 BIG-IP The product contains a certificate validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. F5BIG-IPLTM and other products are products of American F5 Company. F5BIG-IPLTM is a local traffic manager; BIG-IPAAM is an application acceleration manager. There are security vulnerabilities in several F5 products. F5 BIG-IP LTM, etc. The following products and versions are affected: BIG-IP LTM version 13.0.0 through 13.1.0.3; BIG-IP AAM version 13.0.0 through 13.1.0.3; BIG-IP AFM version 13.0.0 through 13.1.0.3; BIG -IP Analytics version 13.0.0 to 13.1.0.3; BIG-IP APM version 13.0.0 to 13.1.0.3; BIG-IP ASM version 13.0.0 to 13.1.0.3; BIG-IP DNS version 13.0.0 to Version 13.1.0.3; BIG-IP Edge Gateway Version 13.0.0 through Version 13.1.0.3; BIG-IP GTM Version 13.0.0 through Version 13.1.0.3; BIG-IP Link Controller Version 13.0.0 through Version 13.1.0.3; BIG -IP PEM version 13.0.0 to 13.1.0.3; BIG-IP WebAccelerator version 13.0.0 to 13.1.0.3; BIG-IP WebSafe version 13.0.0 to 13.1.0.3
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1814",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "1.0.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip access policy manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip global traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip webaccelerator",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip link controller",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip application security manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip analytics",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip pem",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0,\u003c=13.1.0.3"
},
{
"model": "big-ip ltm",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0,\u003c=13.1.0.3"
},
{
"model": "big-ip aam",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0,\u003c=13.1.0.3"
},
{
"model": "big-ip afm",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0\u003c=13.1.0.3"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0,\u003c=13.1.0.3"
},
{
"model": "big-ip apm",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0\u003c=13.1.0.3"
},
{
"model": "big-ip asm",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0\u003c=13.1.0.3"
},
{
"model": "big-ip dns",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0\u003c=13.1.0.3"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0,\u003c=13.1.0.3"
},
{
"model": "big-ip gtm",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0,\u003c=13.1.0.3"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0,\u003c=13.1.0.3"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0,\u003c=13.1.0.3"
},
{
"model": "big-ip websafe",
"scope": "gte",
"trust": 0.6,
"vendor": "f5",
"version": "13.0.0,\u003c=13.1.0.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06868"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003486"
},
{
"db": "NVD",
"id": "CVE-2018-5502"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-792"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.1.0.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5502"
}
]
},
"cve": "CVE-2018-5502",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-5502",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-06868",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-135533",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-5502",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5502",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-06868",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-792",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-135533",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06868"
},
{
"db": "VULHUB",
"id": "VHN-135533"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003486"
},
{
"db": "NVD",
"id": "CVE-2018-5502"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-792"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client certificate authentication is not enabled by default in Client SSL profile. There is no control plane exposure. plural F5 BIG-IP The product contains a certificate validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. F5BIG-IPLTM and other products are products of American F5 Company. F5BIG-IPLTM is a local traffic manager; BIG-IPAAM is an application acceleration manager. There are security vulnerabilities in several F5 products. F5 BIG-IP LTM, etc. The following products and versions are affected: BIG-IP LTM version 13.0.0 through 13.1.0.3; BIG-IP AAM version 13.0.0 through 13.1.0.3; BIG-IP AFM version 13.0.0 through 13.1.0.3; BIG -IP Analytics version 13.0.0 to 13.1.0.3; BIG-IP APM version 13.0.0 to 13.1.0.3; BIG-IP ASM version 13.0.0 to 13.1.0.3; BIG-IP DNS version 13.0.0 to Version 13.1.0.3; BIG-IP Edge Gateway Version 13.0.0 through Version 13.1.0.3; BIG-IP GTM Version 13.0.0 through Version 13.1.0.3; BIG-IP Link Controller Version 13.0.0 through Version 13.1.0.3; BIG -IP PEM version 13.0.0 to 13.1.0.3; BIG-IP WebAccelerator version 13.0.0 to 13.1.0.3; BIG-IP WebSafe version 13.0.0 to 13.1.0.3",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5502"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003486"
},
{
"db": "CNVD",
"id": "CNVD-2018-06868"
},
{
"db": "VULHUB",
"id": "VHN-135533"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5502",
"trust": 3.1
},
{
"db": "SECTRACK",
"id": "1040561",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003486",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-06868",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201803-792",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-135533",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06868"
},
{
"db": "VULHUB",
"id": "VHN-135533"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003486"
},
{
"db": "NVD",
"id": "CVE-2018-5502"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-792"
}
]
},
"id": "VAR-201803-1814",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06868"
},
{
"db": "VULHUB",
"id": "VHN-135533"
}
],
"trust": 1.1440100783333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06868"
}
]
},
"last_update_date": "2023-12-18T13:52:43.497000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "K43121447",
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k43121447"
},
{
"title": "Patch for F5BIG-IP Denial of Service Vulnerability (CNVD-2018-06868)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/124599"
},
{
"title": "Multiple F5 Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79360"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06868"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003486"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-792"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135533"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003486"
},
{
"db": "NVD",
"id": "CVE-2018-5502"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://support.f5.com/csp/article/k43121447"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1040561"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5502"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5502"
},
{
"trust": 0.6,
"url": "https://securitytracker.com/id/1040561"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06868"
},
{
"db": "VULHUB",
"id": "VHN-135533"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003486"
},
{
"db": "NVD",
"id": "CVE-2018-5502"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-792"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-06868"
},
{
"db": "VULHUB",
"id": "VHN-135533"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003486"
},
{
"db": "NVD",
"id": "CVE-2018-5502"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-792"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-06868"
},
{
"date": "2018-03-22T00:00:00",
"db": "VULHUB",
"id": "VHN-135533"
},
{
"date": "2018-05-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003486"
},
{
"date": "2018-03-22T18:29:00.510000",
"db": "NVD",
"id": "CVE-2018-5502"
},
{
"date": "2018-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-792"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-06868"
},
{
"date": "2018-04-20T00:00:00",
"db": "VULHUB",
"id": "VHN-135533"
},
{
"date": "2018-05-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003486"
},
{
"date": "2018-04-20T17:04:20.017000",
"db": "NVD",
"id": "CVE-2018-5502"
},
{
"date": "2018-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-792"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-792"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural F5 BIG-IP Certificate validation vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003486"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-792"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…