CVE-2018-5518

On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users with access to a VCMP guest can cause a disruption of service on adjacent VCMP guests running on the same host. Exploiting this vulnerability causes the vCMPd process on the adjacent VCMP guest to restart and produce a core file. This issue is only exploitable on a VCMP guest which is operating in "host-only" or "bridged" mode. VCMP guests which are "isolated" are not impacted by this issue and do not provide a mechanism to exploit the vulnerability. Guests which are deployed in "Appliance Mode" may be impacted; however, the exploit is not possible from an Appliance Mode guest. To exploit this vulnerability, root access on a guest system deployed in "host-only" or "bridged" mode is required.

Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST | NIST | 5.4 MEDIUM | ADJACENT_NETWORK | HIGH | HIGH | CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
f5 | CNA | --- | ---
CVE | ADP | --- | ---

EPSS Score Percentile: 30%

Vendor | Product | Version
f5 | big-ip_local_traffic_manager | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_local_traffic_manager | 13.0.0 ≤ 𝑥 ≤ 13.1.0
f5 | big-ip_application_acceleration_manager | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_application_acceleration_manager | 13.0.0 ≤ 𝑥 ≤ 13.1.0
f5 | big-ip_advanced_firewall_manager | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_advanced_firewall_manager | 13.0.0 ≤ 𝑥 ≤ 13.1.0
f5 | big-ip_analytics | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_analytics | 13.0.0 ≤ 𝑥 ≤ 13.1.0
f5 | big-ip_access_policy_manager | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_access_policy_manager | 13.0.0 ≤ 𝑥 ≤ 13.1.0
f5 | big-ip_application_security_manager | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_application_security_manager | 13.0.0 ≤ 𝑥 ≤ 13.1.0
f5 | big-ip_edge_gateway | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_edge_gateway | 13.0.0 ≤ 𝑥 ≤ 13.1.0
f5 | big-ip_global_traffic_manager | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_global_traffic_manager | 13.0.0 ≤ 𝑥 ≤ 13.1.0
f5 | big-ip_link_controller | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_link_controller | 13.0.0 ≤ 𝑥 ≤ 13.1.0
f5 | big-ip_policy_enforcement_manager | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_policy_enforcement_manager | 13.0.0 ≤ 𝑥 ≤ 13.1.0
f5 | big-ip_webaccelerator | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_webaccelerator | 13.0.0 ≤ 𝑥 ≤ 13.1.0
f5 | big-ip_websafe | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_websafe | 13.0.0 ≤ 𝑥 ≤ 13.1.0
f5 | big-ip_domain_name_system | 12.0.0 ≤ 𝑥 ≤ 12.1.3
f5 | big-ip_domain_name_system | 13.0.0 ≤ 𝑥 ≤ 13.1.0

𝑥 = Vulnerable software versions