Unrated severityNVD Advisory· Published Oct 31, 2018· Updated Aug 5, 2024
CVE-2018-15317
CVE-2018-15317
Description
In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.2.1-11.6.3.2, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to access the application load balanced by a virtual server with an SSL profile until tmm is restarted.
Affected products
2- F5, Inc./Big Ip (ltm, Aam, Afm, Analytics, Apm, Asm, DNS, Edge Gateway, Fps, Gtm, Link Controller, Pem, Webaccelerator)cpe-rescueRange: 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6
Patches
Vulnerability mechanics
References
2- support.f5.com/csp/article/K43625118mitrex_refsource_CONFIRM
- support.f5.com/csp/article/K43625118mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.