Vulnerabilities > F5 > BIG IP Link Controller > 13.1.0.5

DATE CVE VULNERABILITY TITLE RISK
2018-06-27 CVE-2018-5527 Missing Release of Resource after Effective Lifetime vulnerability in F5 products
On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel (tmm) to leak memory.
network
low complexity
f5 CWE-772
7.5
7.5
2018-05-02 CVE-2018-5517 Improper Input Validation vulnerability in F5 products
On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service.
network
low complexity
f5 CWE-20
7.5
7.5
2018-05-02 CVE-2018-5515 Improper Input Validation vulnerability in F5 products
On F5 BIG-IP 13.0.0-13.1.0.5, using RADIUS authentication responses from a RADIUS server with IPv6 addresses may cause TMM to crash, leading to a failover event.
network
high complexity
f5 CWE-20
4.4
4.4
2018-05-02 CVE-2018-5514 Improper Input Validation vulnerability in F5 products
On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service.
network
low complexity
f5 CWE-20
7.5
7.5
2018-05-02 CVE-2018-5512 Unspecified vulnerability in F5 products
On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart.
network
low complexity
f5
7.5
7.5