Vulnerability Details CVE-2015-4638
The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 through 11.3.0, and BIG-IP PSM 11.2.1 through 11.4.1 allows remote attackers to cause a denial of service (Traffic Management Microkernel restart) via a fragmented packet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.4%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2015-4638
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2
-
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0
-
cpe:2.3:a:f5:big-ip_analytics:11.3.0
-
cpe:2.3:a:f5:big-ip_analytics:11.4.0
-
cpe:2.3:a:f5:big-ip_analytics:11.4.1
-
cpe:2.3:a:f5:big-ip_analytics:11.5.0
-
cpe:2.3:a:f5:big-ip_analytics:11.5.1
-
cpe:2.3:a:f5:big-ip_analytics:11.5.2
-
cpe:2.3:a:f5:big-ip_analytics:11.6.0
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2
-
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1
-
cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2
-
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0
-
cpe:2.3:a:f5:big-ip_link_controller:11.3.0
-
cpe:2.3:a:f5:big-ip_link_controller:11.4.0
-
cpe:2.3:a:f5:big-ip_link_controller:11.4.1
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.0
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.1
-
cpe:2.3:a:f5:big-ip_link_controller:11.5.2
-
cpe:2.3:a:f5:big-ip_link_controller:11.6.0
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2
-
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2
-
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0
-
cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1
-
cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0
-
cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0
-
cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1
-
cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0