F5 BIG-IP负载均衡器多产品爆远程DoS漏洞CVE-2018-5501

近日,F5 BIG-IP负载均衡器多产品再爆远程DoS漏洞,攻击者可以利用此漏洞让应用程序崩溃,从而引发DoS攻击,CVE编号CVE-2018-5501。在2017年至少出现了3次F5 BIG-IP漏洞,都是关于F5 BIG-IP负载均衡器的。

这个漏洞涉及多个F5 BIG-IP产品,包括F5 BIG-IP WebAccelerator、PEM、LTM、Link Controller、GTM、Edge Gateway、DNS、ASM、APM、Analytics、AFM、AAM、WebSafe等,SecurityFocus发布预警通告,相关信息如下

Update:此次还有一个F5 BIG-IP漏洞,是CVE-2018-5500内存破坏漏洞,见如下SecurityFocus信息

F5 BIG-IP是什么

百度知道上有网友回答

F5 BIG-IP是个负载均衡器,负载均衡器是一种采用各种分配算法把网络请求分散到一个服务器集群中的可用服务器上去,通过管理进入的Web数据流量和增加有效的网络带宽,从而使网络访问者获得尽可能最佳的联网体验的硬件设备。

负载均衡器有多种多样的形式,除了作为独立意义上的负载均衡器外,有些负载均衡器集成在交换设备中,置于服务器与Internet链接之间,有些则以两块网络适配器将这一功能集成到PC中,一块连接到Internet上,一块连接到后端服务器群的内部网络上。 一般而言,硬件负载均衡在功能、性能上优于软件方式,不过成本昂贵。当Web服务器为图像服务、SSL(安全套接层)会话或数据库事务而进行优化时,负载均衡器可以体现特别的价值。

CVE-2018-5501漏洞概要

针对CVE-2018-5501漏洞情况,安全加整理了相关内容如下,这些内容可能来自于CVE-2018-5501涉及厂商、CVE-2018-5501漏洞信息发布组织、CVE、SecurityFocus及其它第三方组织。

CVE-2018-5501漏洞标识

  • CVE ID:CVE-2018-5501
  • BUGTRAQ ID:103211
  • F5漏洞库ID: 652848
  • CNNVD ID:【CNNVD漏洞编号】
  • 绿盟科技漏洞库ID:【绿盟科技漏洞库ID】

CVE-2018-5501漏洞相关链接

【增补中】

  • 百度链接:https://www.baidu.com/s?wd=CVE-2018-5501
  • 绿盟科技漏洞库链接:http://www.nsfocus.net/vulndb/{绿盟科技漏洞库ID}
  • SecurityFocus链接:https://www.securityfocus.com/bid/103211
  • F5官方链接:https://support.f5.com/csp/article/K44200194

CVE-2018-5501漏洞描述

【增补中】

CVE评价该漏洞

在某些情况下,在运行13.0.0,12.1.0 – 12.1.3.1,所有11.6 x或11.5 release版本的F5 BIG-IP系统上,TCP的DNS配置文件由于缺乏流量控制允许过度缓冲。

F5评价该漏洞

当漏洞被利用,最坏的情况下,受影响的BIG-IP系统可能会遇到性能下降或拒绝服务(DoS)。

SecurityFocus评价该漏洞

多个F5 BIG-IP产品易于出现远程拒绝服务漏洞DoS漏洞。攻击者可以利用此问题来崩溃应用程序,从而导致拒绝服务条件。

Bugtraq ID: 103211
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2018-5501
Remote: Yes
Local: No
Published: Mar 01 2018 12:00AM
Updated: Mar 01 2018 12:00AM
Credit: The vendor reported the issue.
Vulnerable: F5 BIG-IP-LTM 12.1.1 
F5 BIG-IP WebSafe 12.1.3 
F5 BIG-IP WebSafe 12.1.2 HF2
F5 BIG-IP WebSafe 12.1.2 HF1
F5 BIG-IP WebSafe 12.1.2 
F5 BIG-IP WebSafe 12.1.1 
F5 BIG-IP WebSafe 11.6.2 HF1
F5 BIG-IP WebSafe 11.6.2 
F5 BIG-IP WebSafe 11.6.1 HF1
F5 BIG-IP WebSafe 11.6.1 
F5 BIG-IP WebSafe 11.5.5 
F5 BIG-IP WebSafe 11.5.4 
F5 BIG-IP WebSafe 11.5.3 
F5 BIG-IP WebSafe 11.5.2 
F5 BIG-IP WebSafe 11.6.1 HF2
F5 BIG-IP WebSafe 11.5.1
F5 BIG-IP WebAccelerator 11.5.4 HF2
F5 BIG-IP WebAccelerator 11.5.1 
F5 BIG-IP WebAccelerator 11.2.1 HF8
F5 BIG-IP WebAccelerator 11.2.1 HF3
F5 BIG-IP WebAccelerator 11.2.1 HF16
F5 BIG-IP WebAccelerator 11.2.1 HF15
F5 BIG-IP WebAccelerator 11.2.1 
F5 BIG-IP WebAccelerator 11.2.1 HF5
F5 BIG-IP PEM 12.1.3 
F5 BIG-IP PEM 12.1.2 HF2
F5 BIG-IP PEM 12.1.2 HF1
F5 BIG-IP PEM 12.1.2 HF 1
F5 BIG-IP PEM 12.1.2 
F5 BIG-IP PEM 12.1.1 
F5 BIG-IP PEM 11.6.2 HF1
F5 BIG-IP PEM 11.6.2 
F5 BIG-IP PEM 11.6.1 HF2
F5 BIG-IP PEM 11.6.1 HF1
F5 BIG-IP PEM 11.6.1 
F5 BIG-IP PEM 11.5.4 HF3
F5 BIG-IP PEM 11.5.4 HF2
F5 BIG-IP PEM 11.5.4 HF1
F5 BIG-IP PEM 11.5.3 HF2
F5 BIG-IP PEM 11.5.3 
F5 BIG-IP PEM 11.5.1 HF11
F5 BIG-IP PEM 11.5.1 HF10
F5 BIG-IP PEM 11.5.1 
F5 BIG-IP PEM 11.5.5
F5 BIG-IP PEM 11.5.4
F5 BIG-IP PEM 11.5.3 HF1
F5 BIG-IP PEM 11.5.1 HF6
F5 BIG-IP LTM 12.1.3 
F5 BIG-IP LTM 12.1.2 HF2
F5 BIG-IP LTM 12.1.2 HF1
F5 BIG-IP LTM 12.1.2 
F5 BIG-IP LTM 12.1.1 
F5 BIG-IP Link Controller 12.1.3 
F5 BIG-IP Link Controller 12.1.2 HF2
F5 BIG-IP Link Controller 12.1.2 HF1
F5 BIG-IP Link Controller 12.1.2 
F5 BIG-IP Link Controller 12.1.1 
F5 BIG-IP Link Controller 11.6.1 HF2
F5 BIG-IP Link Controller 11.6.1 HF1
F5 BIG-IP Link Controller 11.5.4 HF3
F5 BIG-IP Link Controller 11.5.4 HF2
F5 BIG-IP Link Controller 11.5.4 HF1
F5 BIG-IP Link Controller 11.5.4 build 0.1.256
F5 BIG-IP Link Controller 11.5.3 HF2
F5 BIG-IP Link Controller 11.5.3 
F5 BIG-IP Link Controller 11.5.2 
F5 BIG-IP Link Controller 11.5.1 HF8
F5 BIG-IP Link Controller 11.5.1 HF11
F5 BIG-IP Link Controller 11.5.1 HF10
F5 BIG-IP Link Controller 11.5.1 
F5 BIG-IP Link Controller 11.5 HF7
F5 BIG-IP Link Controller 11.2.1 HF8
F5 BIG-IP Link Controller 11.2.1 HF3
F5 BIG-IP Link Controller 11.2.1 HF16
F5 BIG-IP Link Controller 11.2.1 HF15
F5 BIG-IP Link Controller 11.2.1 HF14
F5 BIG-IP Link Controller 11.2.1 HF13
F5 BIG-IP Link Controller 11.2.1 HF12
F5 BIG-IP Link Controller 11.2.1 HF11
F5 BIG-IP Link Controller 11.2.1 HF10
F5 BIG-IP Link Controller 11.2.1 
F5 BIG-IP Link Controller 11.6.2 HF1
F5 BIG-IP Link Controller 11.6.2
F5 BIG-IP Link Controller 11.6.1
F5 BIG-IP Link Controller 11.5.5
F5 BIG-IP Link Controller 11.5.4
F5 BIG-IP Link Controller 11.5.3 HF1
F5 BIG-IP Link Controller 11.2.1 HF5
F5 BIG-IP Link Controller 11.2.1 HF2
F5 BIG-IP Link Controller 11.2.1 HF1
F5 BIG-IP GTM 12.1.3 
F5 BIG-IP GTM 12.1.2 
F5 BIG-IP GTM 12.1.1 
F5 BIG-IP GTM 12.1.2 HF1
F5 BIG-IP Edge Gateway 11.5.1 
F5 BIG-IP Edge Gateway 11.2.1 HF9
F5 BIG-IP Edge Gateway 11.2.1 HF8
F5 BIG-IP Edge Gateway 11.2.1 HF3
F5 BIG-IP Edge Gateway 11.2.1 HF16
F5 BIG-IP Edge Gateway 11.2.1 HF15
F5 BIG-IP Edge Gateway 11.2.1 HF5
F5 BIG-IP Edge Gateway 11.2.1 HF2
F5 BIG-IP Edge Gateway 11.2.1
F5 BIG-IP DNS 12.1.3 
F5 BIG-IP DNS 12.1.2 HF2
F5 BIG-IP DNS 12.1.2 HF1
F5 BIG-IP DNS 12.1.2 
F5 BIG-IP DNS 12.1.1 
F5 BIG-IP DNS 11.6.2 
F5 BIG-IP DNS 11.6.1 
F5 BIG-IP DNS 11.5.5 
F5 BIG-IP DNS 11.5.4 HF1
F5 BIG-IP DNS 11.5.4 
F5 BIG-IP DNS 11.5.3 
F5 BIG-IP DNS 11.5.2 
F5 BIG-IP DNS 11.5.1 
F5 BIG-IP DNS 11.2.1 
F5 BIG-IP ASM 12.1.3 
F5 BIG-IP ASM 12.1.2 HF2
F5 BIG-IP ASM 12.1.2 HF1
F5 BIG-IP ASM 12.1.2 
F5 BIG-IP ASM 12.1.1 
F5 BIG-IP ASM 12.1.1 HF1
F5 BIG-IP APM 12.1.3 
F5 BIG-IP APM 12.1.2 HF2
F5 BIG-IP APM 12.1.2 HF1
F5 BIG-IP APM 12.1.2 
F5 BIG-IP APM 12.1.1 
F5 BIG-IP APM 11.6.2 HF1
F5 BIG-IP APM 11.6.2 
F5 BIG-IP APM 11.6.1 HF2
F5 BIG-IP APM 11.6.1 HF1
F5 BIG-IP APM 11.6.1 
F5 BIG-IP APM 11.5.5 
F5 BIG-IP APM 11.5.4 HF3
F5 BIG-IP APM 11.5.4 HF2
F5 BIG-IP APM 11.5.4 HF1
F5 BIG-IP APM 11.5.4 build 0.1.256
F5 BIG-IP APM 11.5.3 HF2
F5 BIG-IP APM 11.5.3 
F5 BIG-IP APM 11.5.2 HF1
F5 BIG-IP APM 11.5.2 
F5 BIG-IP APM 11.5.1 HF11
F5 BIG-IP APM 11.5.1 HF10
F5 BIG-IP APM 11.5.1 
F5 BIG-IP APM 11.2.1 HF8
F5 BIG-IP APM 11.2.1 HF16
F5 BIG-IP APM 11.2.1 HF15
F5 BIG-IP APM 11.2.1 HF14
F5 BIG-IP APM 11.2.1 HF13
F5 BIG-IP APM 11.2.1 HF12
F5 BIG-IP APM 11.2.1 HF11
F5 BIG-IP APM 11.2.1 HF10
F5 BIG-IP APM 11.5.4
F5 BIG-IP APM 11.5.3 HF1
F5 BIG-IP APM 11.5.1 HF6
F5 BIG-IP APM 11.2.1 HF5
F5 BIG-IP APM 11.2.1 HF3
F5 BIG-IP APM 11.2.1 HF2
F5 BIG-IP APM 11.2.1 HF1
F5 BIG-IP APM 11.2.1
F5 BIG-IP Analytics 12.1.3 
F5 BIG-IP Analytics 12.1.2 HF2
F5 BIG-IP Analytics 12.1.2 HF1
F5 BIG-IP Analytics 12.1.2 
F5 BIG-IP Analytics 12.1.1 
F5 BIG-IP Analytics 11.6.2 HF1
F5 BIG-IP Analytics 11.6.2 
F5 BIG-IP Analytics 11.6.1 HF2
F5 BIG-IP Analytics 11.6.1 HF1
F5 BIG-IP Analytics 11.6.1 
F5 BIG-IP Analytics 11.5.4 HF3
F5 BIG-IP Analytics 11.5.4 HF2
F5 BIG-IP Analytics 11.5.4 HF1
F5 BIG-IP Analytics 11.5.3 HF2
F5 BIG-IP Analytics 11.5.3 
F5 BIG-IP Analytics 11.5.2 
F5 BIG-IP Analytics 11.5.1 HF8
F5 BIG-IP Analytics 11.5.1 
F5 BIG-IP Analytics 11.2.1 HF3
F5 BIG-IP Analytics 11.2.1 HF16
F5 BIG-IP Analytics 11.2.1 HF15
F5 BIG-IP Analytics 11.2.1 HF14
F5 BIG-IP Analytics 11.2.1 HF13
F5 BIG-IP Analytics 11.2.1 HF12
F5 BIG-IP Analytics 11.2.1 HF11
F5 BIG-IP Analytics 11.2.1 HF10
F5 BIG-IP Analytics 11.2.1 
F5 BIG-IP Analytics 11.5.5
F5 BIG-IP Analytics 11.5.4
F5 BIG-IP Analytics 11.5.3 HF1
F5 BIG-IP Analytics 11.5.1 HF6
F5 BIG-IP Analytics 11.2.1 HF5
F5 BIG-IP Analytics 11.2.1 HF2
F5 BIG-IP Analytics 11.2.1 HF1
F5 BIG-IP AFM 12.1.3 
F5 BIG-IP AFM 12.1.2 HF2
F5 BIG-IP AFM 12.1.2 HF1
F5 BIG-IP AFM 12.1.2 
F5 BIG-IP AFM 12.1.1 
F5 BIG-IP AFM 11.6.3 
F5 BIG-IP AFM 11.6.1 HF2
F5 BIG-IP AFM 11.6.1 HF1
F5 BIG-IP AFM 11.6.1 
F5 BIG-IP AFM 11.5.4 HF3
F5 BIG-IP AFM 11.5.4 HF2
F5 BIG-IP AFM 11.5.4 HF1
F5 BIG-IP AFM 11.5.3 HF2
F5 BIG-IP AFM 11.5.3 
F5 BIG-IP AFM 11.5.2 
F5 BIG-IP AFM 11.5.1 HF11
F5 BIG-IP AFM 11.5.1 HF10
F5 BIG-IP AFM 11.5.1 
F5 BIG-IP AFM 11.2.1 
F5 BIG-IP AFM 11.6.2 HF1
F5 BIG-IP AFM 11.6.2
F5 BIG-IP AFM 11.5.5
F5 BIG-IP AFM 11.5.4
F5 BIG-IP AFM 11.5.3 HF1
F5 BIG-IP AFM 11.5.1 HF6
F5 BIG-IP AAM 12.1.3 
F5 BIG-IP AAM 12.1.2 HF2
F5 BIG-IP AAM 12.1.2 HF1
F5 BIG-IP AAM 12.1.2 
F5 BIG-IP AAM 12.1.1 
F5 BIG-IP AAM 11.6.2 HF1
F5 BIG-IP AAM 11.6.2 
F5 BIG-IP AAM 11.6.1 HF2
F5 BIG-IP AAM 11.6.1 HF1
F5 BIG-IP AAM 11.6.1 
F5 BIG-IP AAM 11.5.5 
F5 BIG-IP AAM 11.5.4 HF3
F5 BIG-IP AAM 11.5.4 HF2
F5 BIG-IP AAM 11.5.4 HF1
F5 BIG-IP AAM 11.5.4 build 0.1.256
F5 BIG-IP AAM 11.5.3 HF2
F5 BIG-IP AAM 11.5.3 
F5 BIG-IP AAM 11.5.2 
F5 BIG-IP AAM 11.5.1 HF6
F5 BIG-IP AAM 11.5.1 HF11
F5 BIG-IP AAM 11.5.1 HF10
F5 BIG-IP AAM 11.5.1 build 10.104.180
F5 BIG-IP AAM 11.5.1 
F5 BIG-IP AAM 11.2.1 
F5 BIG-IP AAM 11.5.5.11.5.1 HF6
F5 BIG-IP AAM 11.5.4
F5 BIG-IP AAM 11.5.3 HF1
F5 BIG-IP WebAccelerator 11.2.1 HF9
F5 BIG-IP PEM 12.1.1 
F5 BIG-IP PEM 11.6.1 
F5 BIG-IP LTM 12.1.1 
F5 BIG-IP LTM 11.6.1 
F5 BIG-IP LTM 11.2.1 HF9
F5 BIG-IP Link Controller 12.1.1 
F5 BIG-IP Link Controller 11.6.1 
F5 BIG-IP Link Controller 11.2.1 HF9
F5 BIG-IP GTM 11.6.1 
F5 BIG-IP GTM 11.2.1 HF9
F5 BIG-IP Edge Gateway 11.2.1 HF9
F5 BIG-IP ASM 12.1.1 
F5 BIG-IP ASM 11.6.1 
F5 BIG-IP ASM 11.4.1 
F5 BIG-IP ASM 11.2.1 HF9
F5 BIG-IP ASM 11.2 HF9
F5 BIG-IP APM 12.1.1 
F5 BIG-IP APM 11.6.1 
F5 BIG-IP APM 11.2.1 HF9
F5 BIG-IP Analytics 12.1.1 
F5 BIG-IP Analytics 11.6.1 
F5 BIG-IP Analytics 11.2.1 HF9
F5 BIG-IP AFM 12.1.1 
F5 BIG-IP AFM 11.6.1 
F5 BIG-IP AAM 12.1.1 
F5 BIG-IP AAM 11.6.1 
 
Not Vulnerable: F5 BIG-IP WebSafe 13.1 
F5 BIG-IP WebSafe 12.1.3.2
F5 BIG-IP WebAccelerator 12.1.3.2
F5 BIG-IP PEM 13.1 
F5 BIG-IP PEM 12.1.3.2
F5 BIG-IP LTM 13.1 
F5 BIG-IP LTM 12.1.3.2
F5 BIG-IP Link Controller 13.1 
F5 BIG-IP Link Controller 12.1.3.2
F5 BIG-IP GTM 13.1 
F5 BIG-IP GTM 12.1.3.2
F5 BIG-IP DNS 13.1 
F5 BIG-IP DNS 12.1.3.2
F5 BIG-IP ASM 13.1 
F5 BIG-IP ASM 12.1.3.2
F5 BIG-IP APM 13.1 
F5 BIG-IP APM 12.1.3.2
F5 BIG-IP Analytics 13.1 
F5 BIG-IP Analytics 12.1.3.2
F5 BIG-IP AFM 13.1 
F5 BIG-IP AFM 12.1.3.2
F5 BIG-IP AAM 13.1 
F5 BIG-IP AAM 12.1.3.2

 

Multiple F5 BIG-IP Products CVE-2018-5500内存破坏漏洞
 

Bugtraq ID: 103217
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2018-5500
Remote: Yes
Local: No
Published: Mar 01 2018 12:00AM
Updated: Mar 01 2018 12:00AM
Credit: The vendor reported the issue.
Vulnerable: F5 BIG-IP-LTM 12.1.1 
F5 BIG-IP WebSafe 12.1.3 
F5 BIG-IP WebSafe 12.1.2 HF2
F5 BIG-IP WebSafe 12.1.2 HF1
F5 BIG-IP WebSafe 12.1.2 
F5 BIG-IP WebSafe 12.1.1 
F5 BIG-IP WebSafe 12.1 HF2
F5 BIG-IP WebSafe 12.1 HF1
F5 BIG-IP WebSafe 12.1 
F5 BIG-IP WebSafe 11.6.2 HF1
F5 BIG-IP WebSafe 11.6.2 
F5 BIG-IP WebSafe 11.6.1 HF1
F5 BIG-IP WebSafe 11.6.1 
F5 BIG-IP WebSafe 11.6.1 HF2
F5 BIG-IP PEM 12.1.3 
F5 BIG-IP PEM 12.1.2 HF2
F5 BIG-IP PEM 12.1.2 HF1
F5 BIG-IP PEM 12.1.2 HF 1
F5 BIG-IP PEM 12.1.2 
F5 BIG-IP PEM 12.1.1 
F5 BIG-IP PEM 12.1 HF2
F5 BIG-IP PEM 12.1 HF1
F5 BIG-IP PEM 11.6.2 HF1
F5 BIG-IP PEM 11.6.2 
F5 BIG-IP PEM 11.6.1 HF2
F5 BIG-IP PEM 11.6.1 HF1
F5 BIG-IP PEM 11.6.1 
F5 BIG-IP PEM 12.1.0
F5 BIG-IP LTM 12.1.3 
F5 BIG-IP LTM 12.1.2 HF2
F5 BIG-IP LTM 12.1.2 HF1
F5 BIG-IP LTM 12.1.2 
F5 BIG-IP LTM 12.1.1 
F5 BIG-IP LTM 12.1 HF2
F5 BIG-IP LTM 12.1 HF1
F5 BIG-IP LTM 12.1.0
F5 BIG-IP Link Controller 12.1.3 
F5 BIG-IP Link Controller 12.1.2 HF2
F5 BIG-IP Link Controller 12.1.2 HF1
F5 BIG-IP Link Controller 12.1.2 
F5 BIG-IP Link Controller 12.1.1 
F5 BIG-IP Link Controller 12.1 HF2
F5 BIG-IP Link Controller 12.1 HF1
F5 BIG-IP Link Controller 11.6.1 HF2
F5 BIG-IP Link Controller 11.6.1 HF1
F5 BIG-IP Link Controller 11.5.4 HF3
F5 BIG-IP Link Controller 11.5.4 HF2
F5 BIG-IP Link Controller 11.5.4 HF1
F5 BIG-IP Link Controller 11.5.4 build 0.1.256
F5 BIG-IP Link Controller 12.1.0
F5 BIG-IP Link Controller 11.6.2 HF1
F5 BIG-IP Link Controller 11.6.2
F5 BIG-IP Link Controller 11.6.1
F5 BIG-IP Link Controller 11.5.5
F5 BIG-IP GTM 12.1.3 
F5 BIG-IP GTM 12.1.2 
F5 BIG-IP GTM 12.1.1 
F5 BIG-IP GTM 12.1 
F5 BIG-IP GTM 12.1.2 HF1
F5 BIG-IP DNS 12.1.3 
F5 BIG-IP DNS 12.1.2 HF2
F5 BIG-IP DNS 12.1.2 HF1
F5 BIG-IP DNS 12.1.2 
F5 BIG-IP DNS 12.1.1 
F5 BIG-IP DNS 11.6.2 
F5 BIG-IP DNS 11.6.1 
F5 BIG-IP DNS 12.1.0
F5 BIG-IP ASM 12.1.3 
F5 BIG-IP ASM 12.1.2 HF2
F5 BIG-IP ASM 12.1.2 HF1
F5 BIG-IP ASM 12.1.2 
F5 BIG-IP ASM 12.1.1 
F5 BIG-IP ASM 12.1 HF2
F5 BIG-IP ASM 12.1 HF1
F5 BIG-IP ASM 12.1.1 HF1
F5 BIG-IP ASM 12.1.0
F5 BIG-IP APM 12.1.3 
F5 BIG-IP APM 12.1.2 HF2
F5 BIG-IP APM 12.1.2 HF1
F5 BIG-IP APM 12.1.2 
F5 BIG-IP APM 12.1.1 
F5 BIG-IP APM 12.1 HF2
F5 BIG-IP APM 12.1 HF1
F5 BIG-IP APM 11.6.2 HF1
F5 BIG-IP APM 11.6.2 
F5 BIG-IP APM 11.6.1 HF2
F5 BIG-IP APM 11.6.1 HF1
F5 BIG-IP APM 11.6.1 
F5 BIG-IP APM 11.2.1 HF8
F5 BIG-IP APM 11.2.1 HF16
F5 BIG-IP APM 11.2.1 HF15
F5 BIG-IP APM 11.2.1 HF14
F5 BIG-IP APM 11.2.1 HF13
F5 BIG-IP APM 11.2.1 HF12
F5 BIG-IP APM 11.2.1 HF11
F5 BIG-IP APM 11.2.1 HF10
F5 BIG-IP APM 12.1.0
F5 BIG-IP APM 11.2.1 HF5
F5 BIG-IP APM 11.2.1 HF3
F5 BIG-IP APM 11.2.1 HF2
F5 BIG-IP APM 11.2.1 HF1
F5 BIG-IP APM 11.2.1
F5 BIG-IP Analytics 12.1.3 
F5 BIG-IP Analytics 12.1.2 HF2
F5 BIG-IP Analytics 12.1.2 HF1
F5 BIG-IP Analytics 12.1.2 
F5 BIG-IP Analytics 12.1.1 
F5 BIG-IP Analytics 11.6.2 HF1
F5 BIG-IP Analytics 11.6.2 
F5 BIG-IP Analytics 11.6.1 HF2
F5 BIG-IP Analytics 11.6.1 HF1
F5 BIG-IP Analytics 11.6.1 
F5 BIG-IP Analytics 12.1.0
F5 BIG-IP AFM 12.1.3 
F5 BIG-IP AFM 12.1.2 HF2
F5 BIG-IP AFM 12.1.2 HF1
F5 BIG-IP AFM 12.1.2 
F5 BIG-IP AFM 12.1.1 
F5 BIG-IP AFM 12.1 HF2
F5 BIG-IP AFM 12.1 HF1
F5 BIG-IP AFM 11.6.1 HF2
F5 BIG-IP AFM 11.6.1 HF1
F5 BIG-IP AFM 11.6.1 
F5 BIG-IP AFM 12.1.0
F5 BIG-IP AFM 11.6.2 HF1
F5 BIG-IP AFM 11.6.2
F5 BIG-IP AAM 12.1.3 
F5 BIG-IP AAM 12.1.2 HF2
F5 BIG-IP AAM 12.1.2 HF1
F5 BIG-IP AAM 12.1.2 
F5 BIG-IP AAM 12.1.1 
F5 BIG-IP AAM 12.1 HF2
F5 BIG-IP AAM 12.1 HF1
F5 BIG-IP AAM 11.6.2 HF1
F5 BIG-IP AAM 11.6.2 
F5 BIG-IP AAM 11.6.1 HF2
F5 BIG-IP AAM 11.6.1 HF1
F5 BIG-IP AAM 11.6.1 
F5 BIG-IP AAM 12.1.0
F5 BIG-IP PEM 12.1.1 
F5 BIG-IP PEM 11.6.1 
F5 BIG-IP LTM 12.1.1 
F5 BIG-IP LTM 11.6.1 
F5 BIG-IP Link Controller 12.1.1 
F5 BIG-IP Link Controller 11.6.1 
F5 BIG-IP GTM 11.6.1 
F5 BIG-IP ASM 12.1.1 
F5 BIG-IP ASM 11.6.1 
F5 BIG-IP APM 12.1.1 
F5 BIG-IP APM 11.6.1 
F5 BIG-IP Analytics 12.1.1 
F5 BIG-IP Analytics 11.6.1 
F5 BIG-IP AFM 12.1.1 
F5 BIG-IP AFM 11.6.1 
F5 BIG-IP AAM 12.1.1 
F5 BIG-IP AAM 11.6.1 
 
Not Vulnerable: F5 BIG-IP WebSafe 13.1 
F5 BIG-IP WebSafe 11.6.3 
F5 BIG-IP WebSafe 12.1.3.2
F5 BIG-IP WebAccelerator 11.6.3 
F5 BIG-IP WebAccelerator 12.1.3.2
F5 BIG-IP PEM 13.1 
F5 BIG-IP PEM 11.6.3 
F5 BIG-IP PEM 12.1.3.2
F5 BIG-IP LTM 13.1 
F5 BIG-IP LTM 11.6.3 
F5 BIG-IP LTM 12.1.3.2
F5 BIG-IP Link Controller 13.1 
F5 BIG-IP Link Controller 11.6.3 
F5 BIG-IP Link Controller 12.1.3.2
F5 BIG-IP GTM 13.1 
F5 BIG-IP GTM 11.6.3 
F5 BIG-IP GTM 12.1.3.2
F5 BIG-IP DNS 13.1 
F5 BIG-IP DNS 11.6.3 
F5 BIG-IP DNS 12.1.3.2
F5 BIG-IP ASM 13.1 
F5 BIG-IP ASM 11.6.3 
F5 BIG-IP ASM 12.1.3.2
F5 BIG-IP APM 13.1 
F5 BIG-IP APM 11.6.3 
F5 BIG-IP APM 12.1.3.2
F5 BIG-IP Analytics 13.1 
F5 BIG-IP Analytics 11.6.3 
F5 BIG-IP Analytics 12.1.3.2
F5 BIG-IP AFM 13.1 
F5 BIG-IP AFM 11.6.3 
F5 BIG-IP AFM 12.1.3.2
F5 BIG-IP AAM 13.1 
F5 BIG-IP AAM 11.6.3 
F5 BIG-IP AAM 12.1.3.2

CVE-2018-5501漏洞影响范围

CVE-2018-5501漏洞涉及厂商

F5

CVE-2018-5501漏洞涉及产品

F5 BIG-IP负载均衡器

CVE-2018-5501漏洞影响版本

见本文相关信息

CVE-2018-5501漏洞解决方案

【增补中】

F5声明

请查询受影响产品及升级信息,尽快升级

https://support.f5.com/csp/article/K44200194

Branch Versions known to be vulnerable Fixes introduced in Severity

BIG-IP (LTM, AAM, AFM, Analytics, APM,

ASM, DNS, Edge Gateway, GTM,

 Link Controller, PEM, WebAccelerator, WebSafe)

13.x 13.0.0 13.1.0
12.x 12.1.0 – 12.1.3 12.1.3.2
11.x 11.6.1 – 11.6.x2
11.5.1 – 11.5.x2
11.2.1
None

【增补中】

{CVE-2018-5501漏洞信息发布组织}声明

【增补中】

CVE-2018-5501漏洞安全加声明

本页信息用以描述CVE-2018-5501漏洞的信息,这些信息便于您对CVE-2018-5501漏洞进行快速阅读并了解相关信息。如下信息如有空缺,则CVE-2018-5501漏洞相关内容正在增补中,如果您知悉相关内容或者如下内容有异议,可以联系站长:安全加QQ:468215215;Weixin:gnaw0725

CVE-2018-5501漏洞相关内容

CVE-2018-5501漏洞相关漏洞

CVE-2018-5500

CVE-2018-5501漏洞相关文章

2017年12月,F5 BIG-IP负载均衡器多产品爆远程DoS漏洞CVE-2017-6166

2017年11月,F5 BIG-IP负载均衡器多个产品又出漏洞 中间人攻击、敏感信息泄露及未授权访问

2017年11月,F5 BIG-IP负载均衡器多个产品 安全绕过漏洞、DoS漏洞及远程代码执行漏洞

发表评论