F5 BIG-IP ARM BGP CVE-2018-17539 Remote Denial of Service Vulnerability

Bugtraq ID:	106367
Class:	Design Error
CVE:	CVE-2018-17539
Remote:	Yes
Local:	No
Published:	Dec 28 2018 12:00AM
Updated:	Dec 28 2018 12:00AM
Credit:	The vendor reported this issue.
Vulnerable:	F5 BIG-IP LTM 14.0 F5 BIG-IP LTM 13.1.1 F5 BIG-IP LTM 13.0 F5 BIG-IP LTM 12.1.3 F5 BIG-IP LTM 12.1.2 F5 BIG-IP LTM 12.1.1 F5 BIG-IP LTM 11.6.3 F5 BIG-IP LTM 11.6.2 F5 BIG-IP LTM 11.6.1 F5 BIG-IP LTM 11.5.6 F5 BIG-IP LTM 11.5.5 F5 BIG-IP LTM 11.5.3 F5 BIG-IP LTM 11.5.2 F5 BIG-IP LTM 11.5.1 F5 BIG-IP LTM 11.5 F5 BIG-IP LTM 11.4 F5 BIG-IP LTM 12.1.0 F5 BIG-IP LTM 11.6.0 F5 BIG-IP LTM 11.5.4 F5 BIG-IP LTM 11.4.1 F5 BIG-IP LTM 11.3.0 F5 BIG-IP LTM 11.2.1
Not Vulnerable:	F5 BIG-IP LTM 14.1 F5 BIG-IP LTM 14.0.0.3 F5 BIG-IP LTM 13.1.1.2 F5 BIG-IP LTM 12.1.3.7 F5 BIG-IP LTM 11.6.3.3

F5 BIG-IP ARM BGP CVE-2018-17539 Remote Denial of Service Vulnerability

F5 BIG-IP ARM BGP is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to cause a denial-of-service condition.

The following versions of BIG-IP ARM BGP are vulnerable:
14.0.0, 13.0.0 through 13.1.1, 12.1.0 through 12.1.3, 11.2.1 through 11.6.3.

F5 BIG-IP ARM BGP CVE-2018-17539 Remote Denial of Service Vulnerability

References:

• F5 BIG-IP Homepage (F5)
  
• K17264695: BIG-IP ARM BGP vulnerability CVE-2018-17539 ()