Vulnerability Description
The BGP daemon (bgpd) in all IP Infusion ZebOS versions to 7.10.6 and all OcNOS versions to 1.3.3.145 allow remote attackers to cause a denial of service attack via an autonomous system (AS) path containing 8 or more autonomous system number (ASN) elements.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F5 | Big-Ip Local Traffic Manager | >= 11.2.1, <= 11.6.3 |
| Ipinfusion | Ocnos | <= 1.3.3.145 |
| Ipinfusion | Zebos | <= 7.10.6 |
References
- http://www.securityfocus.com/bid/106367Third Party AdvisoryVDB Entry
- https://support.f5.com/csp/article/K17264695Vendor Advisory
- http://www.securityfocus.com/bid/106367Third Party AdvisoryVDB Entry
- https://support.f5.com/csp/article/K17264695Vendor Advisory
FAQ
What is CVE-2018-17539?
CVE-2018-17539 is a vulnerability with a CVSS score of 7.5 (HIGH). The BGP daemon (bgpd) in all IP Infusion ZebOS versions to 7.10.6 and all OcNOS versions to 1.3.3.145 allow remote attackers to cause a denial of service attack via an autonomous system (AS) path cont...
How severe is CVE-2018-17539?
CVE-2018-17539 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-17539?
Check the references section above for vendor advisories and patch information. Affected products include: F5 Big-Ip Local Traffic Manager, Ipinfusion Ocnos, Ipinfusion Zebos.