{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-27T11:25:24.041","vulnerabilities":[{"cve":{"id":"CVE-2018-5502","sourceIdentifier":"f5sirt@f5.com","published":"2018-03-22T18:29:00.510","lastModified":"2024-11-21T04:08:55.943","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client certificate authentication is not enabled by default in Client SSL profile. There is no control plane exposure."},{"lang":"es","value":"Desde la versión 13.0.0 hasta la 13.1.0.3 de F5 BIG-IP, los atacantes podrían ser capaces de interrumpir servicios en el sistema BIG-IP con un certificado de cliente maliciosamente manipulado. Esta vulnerabilidad afecta a los servidores virtuales asociados con el perfil Client SSL, que habilita el uso de autenticación de certificados de cliente. Este tipo de autenticación no está habilitado por defecto en el perfil Client SSL. No hay ninguna exposición del plano de control."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"894DA18C-0B22-45B1-8677-8979F1143216"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"445A66D4-37C1-42A8-A1CA-1D1E2C25E1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"EE859987-9C3E-42A9-86E2-122B12090A15"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"6C8DAACD-71E0-4A83-A7ED-14BE366ACD1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"BA630386-C3DC-404E-9011-8DA3CD2F5865"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.0.4","matchCriteriaId":"6170B579-4770-4550-85B7-B784328DC2FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"C8766D2F-4D5D-4C78-B29D-1C5648B732D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"717B4A2F-C7E5-45FE-8CD5-8D9E0872B614"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"B23C430B-7477-4060-B68A-19B2B441F5EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"B0330565-B391-4121-81EB-601BAEA7BD50"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"ED65A801-F4BE-4067-903E-8997A13FFEF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"E231E105-5DBE-4FEC-8DB2-BEB91AC32F1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"9E6556BF-A50D-4872-BF81-9397A7ECEC9C"}]}]}],"references":[{"url":"http://www.securitytracker.com/id/1040561","source":"f5sirt@f5.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://support.f5.com/csp/article/K43121447","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"http://www.securitytracker.com/id/1040561","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://support.f5.com/csp/article/K43121447","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}