cvedb.io
CVE-2018-5538
LOW · CVSS 3.7
EPSS exploitation probability: 0%
Published 2018-07-25T14:29:00.383 · Last modified 2026-06-17T02:00:29.613

Summary

On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS Zones accept NOTIFY messages on the management interface from source IP addresses not listed in the 'Allow NOTIFY From' configuration parameter when the db variable "dnsexpress.notifyport" is set to any value other than the default of "0".

Affected products

f5 — big-ip_domain_name_system

Does this affect you?

Add your gear to cvedb and we'll alert you only when f5 ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.