VYPR
Low severity3.7NVD Advisory· Published Jul 25, 2018· Updated Jun 17, 2026

CVE-2018-5538

CVE-2018-5538

Description

On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS Zones accept NOTIFY messages on the management interface from source IP addresses not listed in the 'Allow NOTIFY From' configuration parameter when the db variable "dnsexpress.notifyport" is set to any value other than the default of "0".

Affected products

2
  • F5, Inc./Big IPllm-fuzzy2 versions
    13.1.0-13.1.0.7, 12.1.3-12.1.3.5+ 1 more
    • (no CPE)range: 13.1.0-13.1.0.7, 12.1.3-12.1.3.5
    • (no CPE)range: 13.1.0-13.1.0.7

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.