Denial of Service Vulnerability in BIG-IP System with Misconfigured Port Lockdown Setting

Denial of Service Vulnerability in BIG-IP System with Misconfigured Port Lockdown Setting

CVE-2018-15320 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, undisclosed traffic patterns may lead to denial of service conditions for the BIG-IP system. The configuration which exposes this condition is the BIG-IP self IP address which is part of a VLAN group and has the Port Lockdown setting configured with anything other than "allow-all".

Learn more about our Web Application Penetration Testing UK.