Websockets Request/Response Handling Vulnerability in F5 BIG-IP Systems

Websockets Request/Response Handling Vulnerability in F5 BIG-IP Systems

CVE-2018-5504 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - 13.1.0.3 or 12.1.0 - 12.1.3.1.

Learn more about our Cis Benchmark Audit For F5.