CVE-2018-5514

high

Description

On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue.

References

Advisories
More

http://www.securitytracker.com/id/1040804

http://www.securityfocus.com/bid/104097

https://support.f5.com/csp/article/K45320419

Details

Source: Mitre, NVD

Published: 2018-05-02

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.04146

Detections

Analytics