{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T12:50:29.918","vulnerabilities":[{"cve":{"id":"CVE-2018-15319","sourceIdentifier":"f5sirt@f5.com","published":"2018-10-31T14:29:00.377","lastModified":"2024-11-21T03:50:33.173","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default \"normalize URI\" configuration options used in iRules and/or BIG-IP LTM policies."},{"lang":"es","value":"En BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1 o 12.1.0-12.1.3.6, las peticiones maliciosas realizadas a los servidores virtuales con un perfil HTTP pueden provocar que TMM se reinicie. El problema está expuesto a las opciones de configuración \"normalize URI\", que no son por defecto, que se emplean en las políticas iRules y/o BIG-IP LTM."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"C1812DAA-6894-496B-A81E-74BB4B1F0DFD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"B189FA9C-D989-460B-85AC-FD39F8E0259E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"B3A526B1-EB66-497F-B8B5-45205781B323"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"D1143C14-2CF5-4C26-BD43-49255A2B1D09"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"A53D2261-716A-46D4-B1A4-1C1D84F6AF94"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"9032E773-CAB2-4108-A86B-04A8383663BE"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"16A2C604-974E-4455-B510-41EFC1C25061"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"11719D56-D88C-4970-B89E-376D6883857B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"51218200-4536-4ED9-AA9A-301E2B30B829"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"BC3612AA-1F95-4994-B1EA-CA2122F211F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"93B1A472-EA29-4D4E-A27E-F40B0457DE39"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"224F2348-19DC-4242-8A1E-5F5BDCB86B9C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"6B9C4FE2-9C1A-4189-969D-2CBB76858ADB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"E55CC546-E22D-4DD3-B0A6-9C4BC65E0951"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"E021297A-FD19-446B-B526-7516503B6D24"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"43A81546-A1C7-4EA6-987E-794D875DBCFE"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"7DE41473-F2DF-4FA8-B208-2A546DE49CA2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"DC852AA9-7C30-44D8-A964-07DF817A4FF2"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"8638DC02-A5DD-47CD-AE95-DD7ACF99717E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"734B216E-67CD-44B3-AA47-2D86BF2D68CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"9D11EBE7-741F-4585-962F-99EAA29C1F0E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"6174AD48-BFDA-48BF-A394-B98553BFC7E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"018D35E1-B5D0-456E-9348-79E6CD0560E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"57F6C963-A1BF-4579-9345-D0207269577A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"997402FC-4E9C-41B9-920B-23A760837548"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"9C762BE7-29D5-47B2-B3A3-8AD9646417B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"DC6B989A-BA55-47F5-8269-D9FA435ECC29"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"22D79D9F-E4E6-44FD-AAAB-BC5F0B4DC801"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"3CFDA5A2-FDB6-4F7A-ADC1-A1016639FCDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"F534EADF-DA49-4EDD-97F8-C4046E890D8B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"B76CC481-7DCC-42DD-8EEC-993782FF0AE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"6010CA3B-B5AB-4C6B-93A9-A148207224B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"D0233F1B-2DDB-4B01-A549-E76C18BBC3F1"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"8E5DE77E-4BEA-477D-B604-862F35948529"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"EA0A2FCB-564D-4530-B642-624B6A4F1A22"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"90DBE74F-6E43-448F-9479-8FD75D5DCC22"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.6","matchCriteriaId":"477D0345-6CA9-4614-974C-BA462320E352"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.1.1","matchCriteriaId":"6A5F5C3E-C71C-4FBF-A2F4-68CEC90097DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.0.0.2","matchCriteriaId":"E6ADE585-616C-4B40-A40C-EE97A8FAC653"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/107052","source":"f5sirt@f5.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://support.f5.com/csp/article/K64208870","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/107052","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://support.f5.com/csp/article/K64208870","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}