First published: Thu Dec 20 2018(Updated: )
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a virtual server using the inflate functionality to process a gzip bomb as a payload, the BIG-IP system will experience a fatal error and may cause the Traffic Management Microkernel (TMM) to produce a core file.
Credit: f5sirt@f5.com
Affected Software | Affected Version | How to fix |
---|---|---|
F5 BIG-IP Local Traffic Manager | >=12.1.0<=12.1.3.7 | |
F5 BIG-IP Local Traffic Manager | >=13.0.0<=13.1.1.1 | |
F5 BIG-IP Local Traffic Manager | >=14.0.0<=14.0.0.2 | |
f5 big-ip application acceleration manager | >=12.1.0<=12.1.3.7 | |
f5 big-ip application acceleration manager | >=13.0.0<=13.1.1.1 | |
f5 big-ip application acceleration manager | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Advanced Firewall Manager | >=12.1.0<=12.1.3.7 | |
F5 BIG-IP Advanced Firewall Manager | >=13.0.0<=13.1.1.1 | |
F5 BIG-IP Advanced Firewall Manager | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Analytics | >=12.1.0<=12.1.3.7 | |
F5 BIG-IP Analytics | >=13.0.0<=13.1.1.1 | |
F5 BIG-IP Analytics | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Access Policy Manager | >=12.1.0<=12.1.3.7 | |
F5 BIG-IP Access Policy Manager | >=13.0.0<=13.1.1.1 | |
F5 BIG-IP Access Policy Manager | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Application Security Manager | >=12.1.0<=12.1.3.7 | |
F5 BIG-IP Application Security Manager | >=13.0.0<=13.1.1.1 | |
F5 BIG-IP Application Security Manager | >=14.0.0<=14.0.0.2 | |
f5 big-ip domain name system | >=12.1.0<=12.1.3.7 | |
f5 big-ip domain name system | >=13.0.0<=13.1.1.1 | |
f5 big-ip domain name system | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Edge Gateway | >=12.1.0<=12.1.3.7 | |
F5 BIG-IP Edge Gateway | >=13.0.0<=13.1.1.1 | |
F5 BIG-IP Edge Gateway | >=14.0.0<=14.0.0.2 | |
f5 big-ip fraud protection service | >=12.1.0<=12.1.3.7 | |
f5 big-ip fraud protection service | >=13.0.0<=13.1.1.1 | |
f5 big-ip fraud protection service | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Global Traffic Manager | >=12.1.0<=12.1.3.7 | |
F5 BIG-IP Global Traffic Manager | >=13.0.0<=13.1.1.1 | |
F5 BIG-IP Global Traffic Manager | >=14.0.0<=14.0.0.2 | |
f5 big-ip link controller | >=12.1.0<=12.1.3.7 | |
f5 big-ip link controller | >=13.0.0<=13.1.1.1 | |
f5 big-ip link controller | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP Policy Enforcement Manager | >=12.1.0<=12.1.3.7 | |
F5 BIG-IP Policy Enforcement Manager | >=13.0.0<=13.1.1.1 | |
F5 BIG-IP Policy Enforcement Manager | >=14.0.0<=14.0.0.2 | |
F5 BIG-IP WebAccelerator | >=12.1.0<=12.1.3.7 | |
F5 BIG-IP WebAccelerator | >=13.0.0<=13.1.1.1 | |
F5 BIG-IP WebAccelerator | >=14.0.0<=14.0.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-15330 has been classified as a medium severity vulnerability due to its potential impact on system stability.
To mitigate CVE-2018-15330, users should upgrade their BIG-IP systems to versions beyond 14.0.0.2, 13.1.1.1, or 12.1.3.7.
CVE-2018-15330 affects F5 BIG-IP Local Traffic Manager, Application Security Manager, and several other BIG-IP modules across specified versions.
Exploitation of CVE-2018-15330 may lead to a fatal error in the BIG-IP system, causing the Traffic Management Microkernel (TMM) to create a core file.
As of now, there is no public information indicating an active exploit for CVE-2018-15330, but it is advisable to apply the recommended patches.