High severity8.1NVD Advisory· Published Mar 22, 2018· Updated Jun 17, 2026
CVE-2018-5504
CVE-2018-5504
Description
In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - 13.1.0.3 or 12.1.0 - 12.1.3.1.
Affected products
2- F5, Inc./Big Ip (ltm, Aam, Afm, Analytics, Apm, Asm, DNS, Edge Gateway, Fps, Gtm, Link Controller, Pem, Webaccelerator)cpe-rescueRange: 13.0.0 - 13.1.0.3
Patches
Vulnerability mechanics
References
2- www.securitytracker.com/id/1040558nvdThird Party AdvisoryVDB Entry
- support.f5.com/csp/article/K11718033nvdVendor Advisory
News mentions
0No linked articles in our index yet.