CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5502

On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client certificate authentication is not enabled by default in Client SSL profile. There is no control plane exposure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2018-5502

F5 » Big-Ip Access Policy Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0
F5 » Big-Ip Access Policy Manager » Version: 13.0.0.0

cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0.0
F5 » Big-Ip Access Policy Manager » Version: 13.0.1

cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.1
F5 » Big-Ip Access Policy Manager » Version: 13.1.0

cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0
F5 » Big-Ip Access Policy Manager » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0.1
F5 » Big-Ip Access Policy Manager » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0.2
F5 » Big-Ip Access Policy Manager » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0.3
F5 » Big-Ip Advanced Firewall Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0
F5 » Big-Ip Advanced Firewall Manager » Version: 13.0.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.1
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.0
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.1
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.2
F5 » Big-Ip Advanced Firewall Manager » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0.3
F5 » Big-Ip Analytics » Version: 13.0.0

cpe:2.3:a:f5:big-ip_analytics:13.0.0
F5 » Big-Ip Analytics » Version: 13.0.1

cpe:2.3:a:f5:big-ip_analytics:13.0.1
F5 » Big-Ip Analytics » Version: 13.1.0

cpe:2.3:a:f5:big-ip_analytics:13.1.0
F5 » Big-Ip Analytics » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_analytics:13.1.0.0
F5 » Big-Ip Analytics » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_analytics:13.1.0.1
F5 » Big-Ip Analytics » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_analytics:13.1.0.2
F5 » Big-Ip Analytics » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_analytics:13.1.0.3
F5 » Big-Ip Application Acceleration Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0
F5 » Big-Ip Application Acceleration Manager » Version: 13.0.1

cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.1
F5 » Big-Ip Application Acceleration Manager » Version: 13.1.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.0
F5 » Big-Ip Application Acceleration Manager » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.0.0
F5 » Big-Ip Application Acceleration Manager » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.0.1
F5 » Big-Ip Application Acceleration Manager » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.0.2
F5 » Big-Ip Application Acceleration Manager » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.0.3
F5 » Big-Ip Application Security Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0
F5 » Big-Ip Application Security Manager » Version: 13.0.1

cpe:2.3:a:f5:big-ip_application_security_manager:13.0.1
F5 » Big-Ip Application Security Manager » Version: 13.1.0

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0
F5 » Big-Ip Application Security Manager » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.0
F5 » Big-Ip Application Security Manager » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.1
F5 » Big-Ip Application Security Manager » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.2
F5 » Big-Ip Application Security Manager » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0.3
F5 » Big-Ip Domain Name System » Version: 13.0.0

cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0
F5 » Big-Ip Domain Name System » Version: 13.0.1

cpe:2.3:a:f5:big-ip_domain_name_system:13.0.1
F5 » Big-Ip Domain Name System » Version: 13.1.0

cpe:2.3:a:f5:big-ip_domain_name_system:13.1.0
F5 » Big-Ip Domain Name System » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_domain_name_system:13.1.0.0
F5 » Big-Ip Domain Name System » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_domain_name_system:13.1.0.1
F5 » Big-Ip Domain Name System » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_domain_name_system:13.1.0.2
F5 » Big-Ip Domain Name System » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_domain_name_system:13.1.0.3
F5 » Big-Ip Domain Name System » Version: 13.1.0.4

cpe:2.3:a:f5:big-ip_domain_name_system:13.1.0.4
F5 » Big-Ip Edge Gateway » Version: 13.0.0

cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0
F5 » Big-Ip Edge Gateway » Version: 13.0.1

cpe:2.3:a:f5:big-ip_edge_gateway:13.0.1
F5 » Big-Ip Edge Gateway » Version: 13.1.0

cpe:2.3:a:f5:big-ip_edge_gateway:13.1.0
F5 » Big-Ip Edge Gateway » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_edge_gateway:13.1.0.0
F5 » Big-Ip Edge Gateway » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_edge_gateway:13.1.0.1
F5 » Big-Ip Edge Gateway » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_edge_gateway:13.1.0.2
F5 » Big-Ip Edge Gateway » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_edge_gateway:13.1.0.3
F5 » Big-Ip Global Traffic Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0
F5 » Big-Ip Global Traffic Manager » Version: 13.0.1

cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.1
F5 » Big-Ip Global Traffic Manager » Version: 13.1.0

cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.0
F5 » Big-Ip Global Traffic Manager » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.0.0
F5 » Big-Ip Global Traffic Manager » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.0.1
F5 » Big-Ip Global Traffic Manager » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.0.2
F5 » Big-Ip Global Traffic Manager » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.0.3
F5 » Big-Ip Link Controller » Version: 13.0.0

cpe:2.3:a:f5:big-ip_link_controller:13.0.0
F5 » Big-Ip Link Controller » Version: 13.0.1

cpe:2.3:a:f5:big-ip_link_controller:13.0.1
F5 » Big-Ip Link Controller » Version: 13.1.0

cpe:2.3:a:f5:big-ip_link_controller:13.1.0
F5 » Big-Ip Link Controller » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_link_controller:13.1.0.0
F5 » Big-Ip Link Controller » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_link_controller:13.1.0.1
F5 » Big-Ip Link Controller » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_link_controller:13.1.0.2
F5 » Big-Ip Link Controller » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_link_controller:13.1.0.3
F5 » Big-Ip Local Traffic Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0
F5 » Big-Ip Local Traffic Manager » Version: 13.0.1

cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.1
F5 » Big-Ip Local Traffic Manager » Version: 13.1.0

cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0
F5 » Big-Ip Local Traffic Manager » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.0
F5 » Big-Ip Local Traffic Manager » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.1
F5 » Big-Ip Local Traffic Manager » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.2
F5 » Big-Ip Local Traffic Manager » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.3
F5 » Big-Ip Policy Enforcement Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0
F5 » Big-Ip Policy Enforcement Manager » Version: 13.0.1

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.1
F5 » Big-Ip Policy Enforcement Manager » Version: 13.1.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.0
F5 » Big-Ip Policy Enforcement Manager » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.0.0
F5 » Big-Ip Policy Enforcement Manager » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.0.1
F5 » Big-Ip Policy Enforcement Manager » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.0.2
F5 » Big-Ip Policy Enforcement Manager » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.0.3
F5 » Big-Ip Webaccelerator » Version: 13.0.0

cpe:2.3:a:f5:big-ip_webaccelerator:13.0.0
F5 » Big-Ip Webaccelerator » Version: 13.0.1

cpe:2.3:a:f5:big-ip_webaccelerator:13.0.1
F5 » Big-Ip Webaccelerator » Version: 13.1.0

cpe:2.3:a:f5:big-ip_webaccelerator:13.1.0
F5 » Big-Ip Webaccelerator » Version: 13.1.0.0

cpe:2.3:a:f5:big-ip_webaccelerator:13.1.0.0
F5 » Big-Ip Webaccelerator » Version: 13.1.0.1

cpe:2.3:a:f5:big-ip_webaccelerator:13.1.0.1
F5 » Big-Ip Webaccelerator » Version: 13.1.0.2

cpe:2.3:a:f5:big-ip_webaccelerator:13.1.0.2
F5 » Big-Ip Webaccelerator » Version: 13.1.0.3

cpe:2.3:a:f5:big-ip_webaccelerator:13.1.0.3
F5 » Big-Ip Websafe » Version: 1.0.0

cpe:2.3:a:f5:big-ip_websafe:1.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5502

Products

Pricing

Contact Us