HPACK Bomb Vulnerability in F5 BIG-IP Virtual Servers with HTTP/2 Profiles

CVE-2018-5530 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to "HPACK Bomb".

Learn more about our Cis Benchmark Audit For Server Software.