mickmick.net

F5 Products Denial of Service Vulnerability

Release Date: 14 Jul 2022

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

A vulnerability was identified in F5 products. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system.

 

---

Impact

• Denial of Service

---

System / Technologies affected

BIG-IP (all modules)

 

• 16.1.0 - 16.1.2
• 15.1.0 - 15.1.5    
• 14.1.0 - 14.1.4    
• 13.1.0 - 13.1.4    

BIG-IP SPK

 

• 1.5.0

BIG-IQ Centralized Management

 

• 8.0.0-8.1.0
• 7.0.0-7.1.0

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://support.f5.com/csp/article/K36462841

---

Vulnerability Identifier

• CVE-2018-18281

---

Source

• AusCERT
• F5

---

Related Link

• https://www.auscert.org.au/bulletins/ESB-2022.3377.2
• https://support.f5.com/csp/article/K36462841