Vulnerabilities > F5 > BIG IP Analytics > 13.1.0.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-02 | CVE-2018-5517 | Improper Input Validation vulnerability in F5 products On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. | 7.5 |
| 2018-05-02 | CVE-2018-5515 | Improper Input Validation vulnerability in F5 products On F5 BIG-IP 13.0.0-13.1.0.5, using RADIUS authentication responses from a RADIUS server with IPv6 addresses may cause TMM to crash, leading to a failover event. | 4.4 |
| 2018-05-02 | CVE-2018-5514 | Improper Input Validation vulnerability in F5 products On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service. | 7.5 |
| 2018-05-02 | CVE-2018-5512 | Unspecified vulnerability in F5 products On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart. | 7.5 |
| 2018-03-22 | CVE-2018-5505 | Unspecified vulnerability in F5 products On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are both provisioned, TMM may restart while processing DNS requests when the virtual server is configured with a DNS profile and the Protocol setting is set to TCP. | 5.9 |
| 2018-03-22 | CVE-2018-5504 | Unspecified vulnerability in F5 products In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - 13.1.0.3 or 12.1.0 - 12.1.3.1. | 8.1 |
| 2018-03-22 | CVE-2018-5502 | Improper Certificate Validation vulnerability in F5 products On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. | 7.5 |