{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-26T15:35:46.913","vulnerabilities":[{"cve":{"id":"CVE-2018-5504","sourceIdentifier":"f5sirt@f5.com","published":"2018-03-22T18:29:00.637","lastModified":"2024-11-21T04:08:56.280","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - 13.1.0.3 or 12.1.0 - 12.1.3.1."},{"lang":"es","value":"En algunas circunstancias, el TMM (Traffic Management Microkernel) no gestiona correctamente algunas peticiones/respuestas Websockets mal formadas. Esto permite que atacantes remotos provoquen una denegación de servicio (DoS) o una posible ejecución remota de código en el sistema F5 BIG-IP que ejecuta versiones desde la 13.0.0 hasta la 13.1.0.3 o desde la 12.1.0 hasta la 12.1.3.1."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.3.2","matchCriteriaId":"67C67409-85E1-4E36-B19E-2F2873AC98CB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"894DA18C-0B22-45B1-8677-8979F1143216"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3.2","matchCriteriaId":"C0C5D9DD-78E6-4BAB-A4E5-81900FFD024B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"445A66D4-37C1-42A8-A1CA-1D1E2C25E1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.3.2","matchCriteriaId":"6DA8A90D-0DCB-49F5-B432-7D5B6C898E09"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"EE859987-9C3E-42A9-86E2-122B12090A15"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.3.2","matchCriteriaId":"56A4DE5A-D7D7-42AC-BF6F-30DD69C25562"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"6C8DAACD-71E0-4A83-A7ED-14BE366ACD1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.3.2","matchCriteriaId":"687CAC00-B939-4370-8940-E18843C8BF27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"BA630386-C3DC-404E-9011-8DA3CD2F5865"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.3.2","matchCriteriaId":"C4464C47-7677-43F0-ACF4-DDECF010747E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndIncluding":"13.1.0.4","matchCriteriaId":"6170B579-4770-4550-85B7-B784328DC2FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.3.2","matchCriteriaId":"75A6FC37-2DD6-4197-85EF-60A92E20230A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"C8766D2F-4D5D-4C78-B29D-1C5648B732D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.3.2","matchCriteriaId":"84FC63C7-F78B-4435-A23B-ED56E09D3A39"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"717B4A2F-C7E5-45FE-8CD5-8D9E0872B614"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.3.2","matchCriteriaId":"5C075721-75D0-4E80-9522-ECA6570B37E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"B23C430B-7477-4060-B68A-19B2B441F5EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.3.2","matchCriteriaId":"AAF6D974-BBE3-48F3-BCFD-29C2E249809C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"B0330565-B391-4121-81EB-601BAEA7BD50"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.3.2","matchCriteriaId":"3F10F57F-67E5-4004-A0E7-033C561C6AC0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"ED65A801-F4BE-4067-903E-8997A13FFEF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.3.2","matchCriteriaId":"E0ACDCC9-3758-4619-B321-AD1C5B4131F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.1.0.4","matchCriteriaId":"E231E105-5DBE-4FEC-8DB2-BEB91AC32F1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"9E6556BF-A50D-4872-BF81-9397A7ECEC9C"}]}]}],"references":[{"url":"http://www.securitytracker.com/id/1040558","source":"f5sirt@f5.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://support.f5.com/csp/article/K11718033","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"http://www.securitytracker.com/id/1040558","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://support.f5.com/csp/article/K11718033","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}