mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-29 05:56:17 +00:00
493 lines
17 KiB
JSON
493 lines
17 KiB
JSON
{
|
|
"id": "CVE-2018-15318",
|
|
"sourceIdentifier": "f5sirt@f5.com",
|
|
"published": "2018-10-31T14:29:00.313",
|
|
"lastModified": "2018-12-14T15:29:00.293",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, If an MPTCP connection receives an abort signal while the initial flow is not the primary flow, the initial flow will remain after the closing procedure is complete. TMM may restart and produce a core file as a result of this condition."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "En BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1 o 12.1.3.4-12.1.3.6, si una conexi\u00f3n MPTCP recibe una se\u00f1al de aborto mientras el flujo inicial no es el primario, el flujo inicial se mantendr\u00e1 una vez se completa el procedimiento de cierre. TMM podr\u00eda reiniciarse y producir un archivo core como resultado de esta condici\u00f3n."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 7.8
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-20"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "040A1C53-7997-48D2-BE1D-60BC80DB680A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "B189FA9C-D989-460B-85AC-FD39F8E0259E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "CC25D218-2108-489C-8F3E-2FDF51D187AB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "A53D2261-716A-46D4-B1A4-1C1D84F6AF94"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "8EFC2240-481A-4C45-B964-8921E5D2F164"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "11719D56-D88C-4970-B89E-376D6883857B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "4AA20995-CA41-48BA-8F34-61BEAF7F4314"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "93B1A472-EA29-4D4E-A27E-F40B0457DE39"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "2DB96119-3BC3-4CB6-9745-735B99C6CD2E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "E55CC546-E22D-4DD3-B0A6-9C4BC65E0951"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "5A2F85BC-0614-4E39-B32D-982CCACA82A6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "7DE41473-F2DF-4FA8-B208-2A546DE49CA2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "DC852AA9-7C30-44D8-A964-07DF817A4FF2"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "6C5A3208-E10D-4C3F-BB87-D3AD3B7A33B6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "734B216E-67CD-44B3-AA47-2D86BF2D68CF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "9D11EBE7-741F-4585-962F-99EAA29C1F0E"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "4ECE036D-DB27-4803-BA29-857B18262C50"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "018D35E1-B5D0-456E-9348-79E6CD0560E2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "EBCAAEFA-59F7-4409-BCD3-A90B12769D33"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "9C762BE7-29D5-47B2-B3A3-8AD9646417B6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "6F988832-C539-4CAB-A31D-3E383BB6F816"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "3CFDA5A2-FDB6-4F7A-ADC1-A1016639FCDC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "510D3DA9-7E32-4350-AD40-15BF03FB2055"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "6010CA3B-B5AB-4C6B-93A9-A148207224B2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "384DCBA6-7155-4B10-9C3A-B3DE5E266CDC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "EA0A2FCB-564D-4530-B642-624B6A4F1A22"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.1.3.4",
|
|
"versionEndIncluding": "12.1.3.6",
|
|
"matchCriteriaId": "1F1FE6C3-244C-4FAD-847B-F5299AFE1B60"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.0.0",
|
|
"versionEndIncluding": "13.1.1.1",
|
|
"matchCriteriaId": "6A5F5C3E-C71C-4FBF-A2F4-68CEC90097DA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.0.0",
|
|
"versionEndIncluding": "14.0.0.2",
|
|
"matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://support.f5.com/csp/article/K16248201",
|
|
"source": "f5sirt@f5.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |