Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2024-1075
Vulnerability from csaf_certbund
Published
2024-05-08 22:00
Modified
2024-05-12 22:00
Summary
F5 BIG-IP: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
F5 FirePass ist ein SSL-VPN Gateway der F5 Corporation. Die BIG-IP ist eine Netzwerk Appliance auf der die meisten F5 Produkte laufen.
Angriff
Ein Angreifer kann mehrere Schwachstellen in F5 BIG-IP ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand herbeizuführen. In der Folge ist eine Übernahme der Kontrolle des "BIG-IP Next Central Manager" möglich.
Betroffene Betriebssysteme
- Appliance
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "F5 FirePass ist ein SSL-VPN Gateway der F5 Corporation. Die BIG-IP ist eine Netzwerk Appliance auf der die meisten F5 Produkte laufen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in F5 BIG-IP ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand herbeizuf\u00fchren. In der Folge ist eine \u00dcbernahme der Kontrolle des \"BIG-IP Next Central Manager\" m\u00f6glich.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1075 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1075.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1075 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1075"
},
{
"category": "external",
"summary": "F5 Quarterly Security Notification (May 2024) vom 2024-05-08",
"url": "https://my.f5.com/manage/s/article/K000139404"
},
{
"category": "external",
"summary": "Eclypsium Blog vom 2024-05-08",
"url": "https://eclypsium.com/blog/big-vulnerabilities-in-next-gen-big-ip/"
}
],
"source_lang": "en-US",
"title": "F5 BIG-IP: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-05-12T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:08:43.139+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-1075",
"initial_release_date": "2024-05-08T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-05-08T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-05-08T22:00:00.000+00:00",
"number": "2",
"summary": "Fehlender Versionseintrag"
},
{
"date": "2024-05-09T22:00:00.000+00:00",
"number": "3",
"summary": "PoC und Blogartikel erg\u00e4nzt; Text und Bewertung entsprechend angepasst"
},
{
"date": "2024-05-12T22:00:00.000+00:00",
"number": "4",
"summary": "Korrektur"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c17.1.1.3",
"product": {
"name": "F5 BIG-IP \u003c17.1.1.3",
"product_id": "T034614"
}
},
{
"category": "product_version_range",
"name": "\u003c16.1.4.3",
"product": {
"name": "F5 BIG-IP \u003c16.1.4.3",
"product_id": "T034615"
}
},
{
"category": "product_version_range",
"name": "\u003c15.1.10.4",
"product": {
"name": "F5 BIG-IP \u003c15.1.10.4",
"product_id": "T034616"
}
},
{
"category": "product_version_range",
"name": "Next Central Manager \u003c20.2.0",
"product": {
"name": "F5 BIG-IP Next Central Manager \u003c20.2.0",
"product_id": "T034617"
}
},
{
"category": "product_version_range",
"name": "Next Central Manager \u003c20.1.0",
"product": {
"name": "F5 BIG-IP Next Central Manager \u003c20.1.0",
"product_id": "T034618"
}
},
{
"category": "product_version_range",
"name": "AFM \u003c17.1.1",
"product": {
"name": "F5 BIG-IP AFM \u003c17.1.1",
"product_id": "T034619"
}
},
{
"category": "product_version_range",
"name": "AFM \u003c16.1.4",
"product": {
"name": "F5 BIG-IP AFM \u003c16.1.4",
"product_id": "T034620"
}
},
{
"category": "product_version_range",
"name": "Next CNF \u003c1.3.0",
"product": {
"name": "F5 BIG-IP Next CNF \u003c1.3.0",
"product_id": "T034621"
}
},
{
"category": "product_version_range",
"name": "APM \u003c17.1.1",
"product": {
"name": "F5 BIG-IP APM \u003c17.1.1",
"product_id": "T034622"
}
},
{
"category": "product_version_range",
"name": "APM \u003c16.1.4.2",
"product": {
"name": "F5 BIG-IP APM \u003c16.1.4.2",
"product_id": "T034623"
}
},
{
"category": "product_version_range",
"name": "APM \u003c15.1.10.3",
"product": {
"name": "F5 BIG-IP APM \u003c15.1.10.3",
"product_id": "T034624"
}
},
{
"category": "product_version_range",
"name": "Next SPK \u003c1.7.0",
"product": {
"name": "F5 BIG-IP Next SPK \u003c1.7.0",
"product_id": "T034625"
}
},
{
"category": "product_version_range",
"name": "Next WAF \u003c20.2.0",
"product": {
"name": "F5 BIG-IP Next WAF \u003c20.2.0",
"product_id": "T034626"
}
},
{
"category": "product_version_range",
"name": "Advanced WAF/ASM \u003c17.1.1.3",
"product": {
"name": "F5 BIG-IP Advanced WAF/ASM \u003c17.1.1.3",
"product_id": "T034627"
}
},
{
"category": "product_version_range",
"name": "Advanced WAF/ASM \u003c16.1.4.3",
"product": {
"name": "F5 BIG-IP Advanced WAF/ASM \u003c16.1.4.3",
"product_id": "T034628"
}
},
{
"category": "product_version_range",
"name": "Advanced WAF/ASM \u003c15.1.10.4",
"product": {
"name": "F5 BIG-IP Advanced WAF/ASM \u003c15.1.10.4",
"product_id": "T034629"
}
}
],
"category": "product_name",
"name": "BIG-IP"
}
],
"category": "vendor",
"name": "F5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-31156",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden im Konfigurations Programm nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer oder authentisierter Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-31156"
},
{
"cve": "CVE-2024-33604",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden im Konfigurations Programm nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer oder authentisierter Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-33604"
},
{
"cve": "CVE-2024-25560",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Schwachstellen. Die Fehler bestehen, weil der Verkehr unterbrochen wird, w\u00e4hrend der TMM-Prozess neu startet. Dies geschieht in den Komponenten SSL, IPSec und TMM. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-25560"
},
{
"cve": "CVE-2024-28889",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Schwachstellen. Die Fehler bestehen, weil der Verkehr unterbrochen wird, w\u00e4hrend der TMM-Prozess neu startet. Dies geschieht in den Komponenten SSL, IPSec und TMM. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-28889"
},
{
"cve": "CVE-2024-33608",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Schwachstellen. Die Fehler bestehen, weil der Verkehr unterbrochen wird, w\u00e4hrend der TMM-Prozess neu startet. Dies geschieht in den Komponenten SSL, IPSec und TMM. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-33608"
},
{
"cve": "CVE-2024-28132",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten TMM und Global Server Load Balancing (GSLB) Container. Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen. Das erfolgreiche Ausnutzen einer dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-28132"
},
{
"cve": "CVE-2024-32761",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten TMM und Global Server Load Balancing (GSLB) Container. Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen. Das erfolgreiche Ausnutzen einer dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-32761"
},
{
"cve": "CVE-2024-21793",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Schwachstellen. Die Fehler bestehen durch eine OData-SQL-Injection, eine SQL-Injection, einen HTTP-Request-Smuggling-Angriff, einen Signaturpr\u00fcfungsfehler und mehrere m\u00f6gliche Man-in-the-Middle-Angriffe. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Sicherheitsma\u00dfnahmen zu umgehen und in der Folge die Kontrolle \u00fcber den \"BIG-IP Next Central Manager\" \u00fcbernehmen."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-21793"
},
{
"cve": "CVE-2024-26026",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Schwachstellen. Die Fehler bestehen durch eine OData-SQL-Injection, eine SQL-Injection, einen HTTP-Request-Smuggling-Angriff, einen Signaturpr\u00fcfungsfehler und mehrere m\u00f6gliche Man-in-the-Middle-Angriffe. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Sicherheitsma\u00dfnahmen zu umgehen und in der Folge die Kontrolle \u00fcber den \"BIG-IP Next Central Manager\" \u00fcbernehmen."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-26026"
},
{
"cve": "CVE-2024-27202",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Schwachstellen. Die Fehler bestehen durch eine OData-SQL-Injection, eine SQL-Injection, einen HTTP-Request-Smuggling-Angriff, einen Signaturpr\u00fcfungsfehler und mehrere m\u00f6gliche Man-in-the-Middle-Angriffe. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Sicherheitsma\u00dfnahmen zu umgehen und in der Folge die Kontrolle \u00fcber den \"BIG-IP Next Central Manager\" \u00fcbernehmen."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-27202"
},
{
"cve": "CVE-2024-28883",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Schwachstellen. Die Fehler bestehen durch eine OData-SQL-Injection, eine SQL-Injection, einen HTTP-Request-Smuggling-Angriff, einen Signaturpr\u00fcfungsfehler und mehrere m\u00f6gliche Man-in-the-Middle-Angriffe. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Sicherheitsma\u00dfnahmen zu umgehen und in der Folge die Kontrolle \u00fcber den \"BIG-IP Next Central Manager\" \u00fcbernehmen."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-28883"
},
{
"cve": "CVE-2024-32049",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Schwachstellen. Die Fehler bestehen durch eine OData-SQL-Injection, eine SQL-Injection, einen HTTP-Request-Smuggling-Angriff, einen Signaturpr\u00fcfungsfehler und mehrere m\u00f6gliche Man-in-the-Middle-Angriffe. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Sicherheitsma\u00dfnahmen zu umgehen und in der Folge die Kontrolle \u00fcber den \"BIG-IP Next Central Manager\" \u00fcbernehmen."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-32049"
},
{
"cve": "CVE-2024-33612",
"notes": [
{
"category": "description",
"text": "In F5 BIG-IP existieren mehrere Schwachstellen. Die Fehler bestehen durch eine OData-SQL-Injection, eine SQL-Injection, einen HTTP-Request-Smuggling-Angriff, einen Signaturpr\u00fcfungsfehler und mehrere m\u00f6gliche Man-in-the-Middle-Angriffe. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Sicherheitsma\u00dfnahmen zu umgehen und in der Folge die Kontrolle \u00fcber den \"BIG-IP Next Central Manager\" \u00fcbernehmen."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2024-33612"
}
]
}
CVE-2024-21793 (GCVE-0-2024-21793)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2024-08-01 22:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
An OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000138732 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 | BIG-IP Next Central Manager |
Version: 20.0.1 < 20.2.0 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:f5:big-ip_next_central_manager:20.0.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip_next_central_manager",
"vendor": "f5",
"versions": [
{
"lessThan": "20.2.0",
"status": "affected",
"version": "20.0.1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21793",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T16:47:32.402321Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:38:06.949Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:36.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000138732"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "BIG-IP Next Central Manager",
"vendor": "F5",
"versions": [
{
"lessThan": "20.2.0",
"status": "affected",
"version": "20.0.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "F5 acknowledges Vladyslav Babkin of Eclypsium for bringing this issue to our attention and following the highest standards of coordinated disclosure."
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI).\u003c/span\u003e\u0026nbsp; Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"value": "\nAn OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI).\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:28.422Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000138732"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "BIG-IP Central Manager OData Injection Vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-21793",
"datePublished": "2024-05-08T15:01:28.422Z",
"dateReserved": "2024-04-24T21:34:51.138Z",
"dateUpdated": "2024-08-01T22:27:36.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28132 (GCVE-0-2024-28132)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2024-08-02 00:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-922 - Insecure Storage of Sensitive Information
Summary
Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an authenticated attacker with local access to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000138913 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 | BIG-IP Next CNF |
Version: 1.2.0 < 1.3.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28132",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T18:16:57.699411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T18:03:34.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:49.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000138913"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "BIG-IP Next CNF",
"vendor": "F5",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eExposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an authenticated attacker with local access to view sensitive information.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u0026nbsp;\u003c/span\u003eNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\u003c/span\u003e\n\n"
}
],
"value": "\nExposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an authenticated attacker with local access to view sensitive information.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-922",
"description": "CWE-922 Insecure Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:27.035Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000138913"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "BIG-IP NEXT CNF vulnerability ",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-28132",
"datePublished": "2024-05-08T15:01:27.035Z",
"dateReserved": "2024-04-24T21:34:20.669Z",
"dateUpdated": "2024-08-02T00:48:49.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26026 (GCVE-0-2024-26026)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2024-08-01 23:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
An SQL injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000138733 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 | BIG-IP Next Central Manager |
Version: 20.0.1 < 20.2.0 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:f5:big-ip_next_central_manager:20.0.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip_next_central_manager",
"vendor": "f5",
"versions": [
{
"lessThan": "20.2.0",
"status": "affected",
"version": "20.0.1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26026",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T16:30:53.526368Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:49:06.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:59:31.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000138733"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "BIG-IP Next Central Manager",
"vendor": "F5",
"versions": [
{
"lessThan": "20.2.0",
"status": "affected",
"version": "20.0.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "F5 acknowledges Vladyslav Babkin of Eclypsium for bringing this issue to our attention and following the highest standards of coordinated disclosure."
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn SQL injection vulnerability exists in the BIG-IP Next Central Manager API (URI).\u0026nbsp; Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n\u003c/span\u003e"
}
],
"value": "\n\n\nAn SQL injection vulnerability exists in the BIG-IP Next Central Manager API (URI).\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:28.771Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000138733"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "BIG-IP Central Manager SQL Injection",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-26026",
"datePublished": "2024-05-08T15:01:28.771Z",
"dateReserved": "2024-04-24T21:34:51.145Z",
"dateUpdated": "2024-08-01T23:59:31.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-33604 (GCVE-0-2024-33604)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2024-08-02 02:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
A reflected cross-site scripting (XSS) vulnerability exist in undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000138894 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-33604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T19:41:34.751741Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T19:41:42.041Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:36:04.349Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000138894"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"All Modules"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "17.1.1.3",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
},
{
"lessThan": "16.1.4.3",
"status": "affected",
"version": "16.1.0",
"versionType": "custom"
},
{
"lessThan": "15.1.10.4",
"status": "affected",
"version": "15.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA reflected cross-site scripting (XSS) vulnerability exist in undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user.\u003c/span\u003e\u0026nbsp; Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
}
],
"value": "\nA reflected cross-site scripting (XSS) vulnerability exist in undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:27.377Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000138894"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "BIG-IP Configuration utility XSS vulnerability ",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-33604",
"datePublished": "2024-05-08T15:01:27.377Z",
"dateReserved": "2024-04-24T21:34:20.673Z",
"dateUpdated": "2024-08-02T02:36:04.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-33608 (GCVE-0-2024-33608)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2024-08-02 02:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-824 - Access of Uninitialized Pointer
Summary
When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000138728 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:f5:big-ip:17.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"lessThan": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-33608",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T16:15:17.789180Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:45:08.235Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:36:04.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000138728"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"All Modules"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
},
{
"lessThan": "*",
"status": "unaffected",
"version": "16.1.0",
"versionType": "custom"
},
{
"lessThan": "*",
"status": "unaffected",
"version": "15.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"value": "When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:25.289Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000138728"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "BIG-IP IPsec vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-33608",
"datePublished": "2024-05-08T15:01:25.289Z",
"dateReserved": "2024-04-24T21:34:20.650Z",
"dateUpdated": "2024-08-02T02:36:04.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31156 (GCVE-0-2024-31156)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2024-08-02 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000138636 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:f5:big-ip:17.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"lessThanOrEqual": "17..1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:f5:big-ip:16.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"lessThanOrEqual": "16.1.4",
"status": "affected",
"version": "16.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:f5:big-ip:15.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"lessThanOrEqual": "15.1.10",
"status": "affected",
"version": "15.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31156",
"options": [
{
"Exploitation": "None"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T04:00:51.572883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:37:10.115Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:46:04.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000138636"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"All Modules"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "17.1.1.3",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
},
{
"lessThan": "16.1.4.3",
"status": "affected",
"version": "16.1.0",
"versionType": "custom"
},
{
"lessThan": "15.1.10.4",
"status": "affected",
"version": "15.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "F5 acknowledges Lukasz Plonka for bringing this issue to our attention and following the highest standards of coordinated disclosure."
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user.\u0026nbsp; Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "\nA stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:27.734Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000138636"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "BIG-IP Configuration utility XSS vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-31156",
"datePublished": "2024-05-08T15:01:27.734Z",
"dateReserved": "2024-04-24T21:34:20.677Z",
"dateUpdated": "2024-08-02T01:46:04.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-33612 (GCVE-0-2024-33612)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2025-08-28 19:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-295 - Improper Certificate Validation
Summary
An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may allow an attacker to impersonate an Instance Provider system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000139012 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 | BIG-IP Next Central Manager |
Version: 20.0.1 < 20.2.0 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:f5:big-ip_next_central_manager:20.0.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip_next_central_manager",
"vendor": "f5",
"versions": [
{
"lessThanOrEqual": "20.1.0",
"status": "affected",
"version": "20.0.1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-33612",
"options": [
{
"Exploitation": "None"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T04:00:52.512300Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:45:15.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:36:04.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000139012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "BIG-IP Next Central Manager",
"vendor": "F5",
"versions": [
{
"lessThan": "20.2.0",
"status": "affected",
"version": "20.0.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may allow an attacker to impersonate an Instance Provider system.\u0026nbsp;\u0026nbsp;\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may allow an attacker to impersonate an Instance Provider system.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T19:24:59.178Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000139012"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "BIG-IP Next Central Manager vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-33612",
"datePublished": "2024-05-08T15:01:28.082Z",
"dateReserved": "2024-04-24T21:34:20.681Z",
"dateUpdated": "2025-08-28T19:24:59.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25560 (GCVE-0-2024-25560)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2024-08-01 23:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-476 - NULL Pointer Dereference
Summary
When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000139037 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | F5 | BIG-IP |
Version: 17.1.0 < 17.1.1 Version: 16.1.0 < 16.1.4 Version: 15.1.0 < * |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:f5:big-ip_next_cloud-native_network_functions:1.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip_next_cloud-native_network_functions",
"vendor": "f5",
"versions": [
{
"lessThan": "1.2.0",
"status": "affected",
"version": "1.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:f5:big-ip:17.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"lessThan": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:f5:big-ip:16.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"lessThan": "16.1.4",
"status": "affected",
"version": "16.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:f5:big-ip:15.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "15.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25560",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T15:54:52.945502Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T21:02:12.590Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:44:09.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000139037"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"AFM"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
},
{
"lessThan": "16.1.4",
"status": "affected",
"version": "16.1.0",
"versionType": "custom"
},
{
"lessThan": "*",
"status": "affected",
"version": "15.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "BIG-IP Next CNF",
"vendor": "F5",
"versions": [
{
"lessThan": "1.2.0",
"status": "affected",
"version": "1.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWhen BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate.\u003c/span\u003e\n\n \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"value": "\nWhen BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate.\n\n \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:25.651Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000139037"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "TMM Vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-25560",
"datePublished": "2024-05-08T15:01:25.651Z",
"dateReserved": "2024-04-24T21:34:20.655Z",
"dateUpdated": "2024-08-01T23:44:09.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27202 (GCVE-0-2024-27202)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2024-08-02 00:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
A DOM-based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000138520 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:f5:big-ip:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"status": "affected",
"version": "17.1.0, 16.1.0, 15.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27202",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T15:54:16.208221Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:33.238Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:59.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000138520"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"All Modules"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "17.1.1.3",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
},
{
"lessThan": "16.1.4.3",
"status": "affected",
"version": "16.1.0",
"versionType": "custom"
},
{
"lessThan": "15.1.10.4",
"status": "affected",
"version": "15.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "F5 acknowledges \u0141ukasz Rupala and Kajetan Rostojek from ING HUBS Poland for bringing this issue to our attention and following the highest standards of coordinated disclosure."
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA DOM-based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user.\u003c/span\u003e\u0026nbsp; Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"value": "\nA DOM-based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:26.004Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000138520"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "BIG-IP TMUI XSS vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-27202",
"datePublished": "2024-05-08T15:01:26.004Z",
"dateReserved": "2024-04-24T21:34:20.658Z",
"dateUpdated": "2024-08-02T00:27:59.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28883 (GCVE-0-2024-28883)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2024-08-02 01:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-346 - Origin Validation Error
Summary
An origin validation vulnerability exists in
BIG-IP APM browser network access VPN client
for Windows, macOS and Linux which may allow an attacker to bypass F5 endpoint inspection.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000138744 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | F5 | BIG-IP Edge Client |
Version: 7.2.3 < 7.2.4.4 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:f5:big-ip:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"status": "affected",
"version": "17.1.0"
},
{
"lessThanOrEqual": "16.1.4",
"status": "affected",
"version": "16.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "15.1.10",
"status": "affected",
"version": "15.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:f5:apm_clients:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apm_clients",
"vendor": "f5",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.3",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28883",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-04T19:53:38.815787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T20:11:20.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "ADP Container"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:03:50.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000138744"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Windows",
"Linux",
"MacOS"
],
"product": "BIG-IP Edge Client",
"vendor": "F5",
"versions": [
{
"lessThan": "7.2.4.4",
"status": "affected",
"version": "7.2.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"modules": [
"APM"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
},
{
"lessThan": "16.1.4.2",
"status": "affected",
"version": "16.1.0",
"versionType": "custom"
},
{
"lessThan": "15.1.10.3",
"status": "affected",
"version": "15.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An origin validation vulnerability exists in \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eBIG-IP APM browser network access VPN client \u003c/span\u003e\n\n\n\n for Windows, macOS and Linux which may allow an attacker to bypass F5 endpoint inspection. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"value": "An origin validation vulnerability exists in \n\nBIG-IP APM browser network access VPN client \n\n\n\n for Windows, macOS and Linux which may allow an attacker to bypass F5 endpoint inspection. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:24.931Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000138744"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "BIG-IP APM browser network access VPN client vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-28883",
"datePublished": "2024-05-08T15:01:24.931Z",
"dateReserved": "2024-04-24T21:34:20.645Z",
"dateUpdated": "2024-08-02T01:03:50.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28889 (GCVE-0-2024-28889)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2024-08-02 01:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-825 - Expired Pointer Dereference
Summary
When an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000138912 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28889",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-13T19:57:41.608842Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T18:03:33.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:03:50.257Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000138912"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"All Modules"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "17.1.1.3",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
},
{
"lessThan": "16.1.4.3",
"status": "affected",
"version": "16.1.2.1",
"versionType": "custom"
},
{
"lessThan": "15.1.10.4",
"status": "affected",
"version": "15.1.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWhen an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker\u0027s control can cause the Traffic Management Microkernel (TMM) to terminate.\u0026nbsp;\u0026nbsp;\u003c/span\u003eNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\u003c/span\u003e"
}
],
"value": "\n\n\nWhen an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker\u0027s control can cause the Traffic Management Microkernel (TMM) to terminate.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "CWE-825 Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:26.693Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000138912"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": " BIG-IP SSL vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-28889",
"datePublished": "2024-05-08T15:01:26.693Z",
"dateReserved": "2024-04-24T21:34:20.666Z",
"dateUpdated": "2024-08-02T01:03:50.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32049 (GCVE-0-2024-32049)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2024-08-02 02:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-300 - Channel Accessible by Non-Endpoint
Summary
BIG-IP Next Central Manager (CM) may allow an unauthenticated, remote attacker to obtain the BIG-IP Next LTM/WAF instance credentials.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000138634 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 | BIG-IP Next Central Manager |
Version: 20.0.1 < 20.1.0 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:f5:big-ip_next_central_manager:20.0.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip_next_central_manager",
"vendor": "f5",
"versions": [
{
"status": "affected",
"version": "20.0.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32049",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:35:53.206430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:51:30.134Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:06:43.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000138634"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "BIG-IP Next Central Manager",
"vendor": "F5",
"versions": [
{
"lessThan": "20.1.0",
"status": "affected",
"version": "20.0.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eBIG-IP Next Central Manager (CM) may allow an unauthenticated, remote attacker to obtain the BIG-IP Next LTM/WAF instance credentials.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "BIG-IP Next Central Manager (CM) may allow an unauthenticated, remote attacker to obtain the BIG-IP Next LTM/WAF instance credentials.\u00a0\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-300",
"description": "CWE-300 Channel Accessible by Non-Endpoint",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:26.346Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000138634"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "BIG-IP Next Central Manager vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-32049",
"datePublished": "2024-05-08T15:01:26.346Z",
"dateReserved": "2024-04-24T21:34:20.662Z",
"dateUpdated": "2024-08-02T02:06:43.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32761 (GCVE-0-2024-32761)
Vulnerability from cvelistv5
Published
2024-05-08 15:01
Modified
2024-08-02 02:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
Under certain conditions, a potential data leak may occur in the Traffic Management Microkernels (TMMs) of BIG-IP tenants running on VELOS and rSeries platforms. However, this issue cannot be exploited by an attacker because it is not consistently reproducible and is beyond an attacker's control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
References
| ▼ | URL | Tags |
|---|---|---|
| https://my.f5.com/manage/s/article/K000139217 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:f5:big-ip:17.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"status": "affected",
"version": "17.1.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:f5:big-ip:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"status": "affected",
"version": "16.1.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:f5:big-ip:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"status": "affected",
"version": "15.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32761",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:23:59.840022Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:52:21.071Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000139217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"All Modules"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "17.1.0",
"versionType": "custom"
},
{
"lessThan": "*",
"status": "unaffected",
"version": "16.1.0",
"versionType": "custom"
},
{
"lessThan": "15.1.10",
"status": "affected",
"version": "15.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain conditions, a potential data leak may occur in the Traffic Management Microkernels (TMMs) of BIG-IP tenants running on VELOS and rSeries platforms. However, this issue cannot be exploited by an attacker because it is not consistently reproducible and is beyond an attacker\u0027s control.\u003c/span\u003e\u0026nbsp; Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
}
],
"value": "\nUnder certain conditions, a potential data leak may occur in the Traffic Management Microkernels (TMMs) of BIG-IP tenants running on VELOS and rSeries platforms. However, this issue cannot be exploited by an attacker because it is not consistently reproducible and is beyond an attacker\u0027s control.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:29.122Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000139217"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "BIG-IP TMM tenants on VELOS and rSeries vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-32761",
"datePublished": "2024-05-08T15:01:29.122Z",
"dateReserved": "2024-04-24T21:34:51.149Z",
"dateUpdated": "2024-08-02T02:20:35.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…