F5 Networks BIG-IP : DNS Express vulnerability (K45435121)

Medium Nessus Plugin ID 118666


The remote device is missing a vendor-supplied security patch.


On F5 BIG-IP DNS 13.1.0-, 12.1.3-, DNS Express / DNS Zones accept NOTIFY messages on the management interface from source IP addresses not listed in the 'Allow NOTIFY From' configuration parameter when the db variable 'dnsexpress.notifyport' is set to any value other than the default of '0'. (CVE-2018-5538)


This vulnerability may allow a malicious actor to cause DNS Express to constantly check for updates. An update only occurs if the zone's serial number has changed.


Upgrade to one of the non-vulnerable versions listed in the F5 Solution K45435121.

Plugin Details

Severity: Medium

ID: 118666

File Name: f5_bigip_SOL45435121.nasl

Version: 1.2

Type: local

Published: 2018/11/02

Updated: 2019/01/04

Dependencies: 76940

Configuration: Enable paranoid mode

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS v3.0

Base Score: 3.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Vulnerability Information

CPE: cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/h:f5:big-ip

Required KB Items: Host/local_checks_enabled, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version, Settings/ParanoidReport

Patch Publication Date: 2018/07/24

Reference Information

CVE: CVE-2018-5538