

Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
February 14, 2024
Rewterz Threat Advisory – Multiple SAP Products Vulnerabilities
February 15, 2024
Severity
High
Analysis Summary
CVE-2024-22093 CVSS:8.7
F5 BIG-IP could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw when running in Appliance mode. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2024-23979 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when an SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP) authentication profile is configured on a virtual server. By sending specially crafted requests, a remote attacker could exploit this vulnerability to cause an increase in CPU resource utilization.
CVE-2024-21849 CVSS:7.5
F5 BIG-IP (Advanced WAF) and BIG-IP (ASM) are vulnerable to a denial of service, caused by a flaw when an Advanced WAF/ASM security policy and a Websockets profile are configured on a virtual server. By sending specially crafted traffic, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) process to terminate.
CVE-2024-23982 CVSS:7.5
F5 BIG-IP (PEM) is vulnerable to a denial of service, caused by a flaw when a PEM classification profile is configured on a UDP virtual server. By sending specially crafted requests, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate.
CVE-2024-21789 CVSS:7.5
F5 BIG-IP (AFM) and BIG-IP (ASM) are vulnerable to a denial of service, caused by a flaw when a security policy is configured on a virtual server. By sending specially crafted requests, a remote attacker could exploit this vulnerability to cause an increase in memory resource utilization.
CVE-2024-24775 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when a virtual server is enabled with a VLAN group and a SNAT listener is configured. By sending specially crafted traffic, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate.
CVE-2024-23805 CVSS:7.5
F5 BIG-IP (Advanced WAF) and BIG-IP (ASM) are vulnerable to a denial of service, caused by a flaw when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and the DB variables avr.IncludeServerInURI or avr.CollectOnlyHostnameFromURI are enabled. By sending specially crafted requests, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate.
CVE-2024-23308 CVSS:7.5
F5 BIG-IP (Advanced WAF) and BIG-IP (ASM) are vulnerable to a denial of service, caused by a flaw when the Request Body Handling option is attached to a virtual server. By sending specially crafted requests, a remote attacker could exploit this vulnerability to cause the BD process to terminate.
CVE-2024-21763 CVSS:7.5
F5 BIG-IP (AFM) is vulnerable to a denial of service, caused by a flaw when a Device DoS or DoS profile is configured with the NXDOMAIN attack vector and bad actor detection. By sending specially crafted requests, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate.
CVE-2024-21771 CVSS:7.5
F5 BIG-IP (AFM) and BIG-IP (IPS) are vulnerable to a denial of service, caused by improper input validation. By sending specially crafted traffic patterns, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to restart, resulting in traffic disruption.
CVE-2024-23314 CVSS:7.5
F5 BIG-IP and BIG-IP Next SPK are vulnerable to a denial of service, caused by a flaw when HTTP/2 is configured. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate.
CVE-2024-24989 CVSS:7.5
F5 NGINX Plus and NGINX Open Source are vulnerable to a denial of service, caused by a flaw when configured to use the HTTP/3 QUIC module. By sending specially crafted requests, a remote attacker could exploit this vulnerability to cause NGINX worker processes to terminate.
CVE-2024-24990 CVSS:7.5
F5 NGINX Plus and NGINX Open Source are vulnerable to a denial of service, caused by a flaw when configured to use the HTTP/3 QUIC module. By sending specially crafted requests, a remote attacker could exploit this vulnerability to cause NGINX worker processes to terminate.
CVE-2024-22389 CVSS:7.2
F5 BIG-IP could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when deployed in high availability (HA) and an iControl REST API token is updated. By sending a specially crafted request, an attacker could exploit this vulnerability to use deleted or updated API tokens on the peer device until they expire.
Impact
- Denial of Service
- Gain Access
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2024-20726
- CVE-2024-20727
- CVE-2024-20728
- CVE-2024-20729
- CVE-2024-20730
- CVE-2024-20731
Affected Vendors
F5
Affected Products
- F5 BIG-IP (ASM) 15.1.0
- F5 BIG-IP (AFM) 15.1.0
- F5 BIG-IP 15.1.0
- F5 BIG-IP 16.1.0
- F5 BIG-IP (AFM) 16.1.0
- F5 BIG-IP (PEM) 15.1.0
- F5 BIG-IP 16.1.3
- F5 BIG-IP (Advanced WAF) 15.1.0
- F5 BIG-IP (Advanced WAF) 16.1.0
- F5 BIG-IP (ASM) 16.1.0
- F5 BIG-IP (Advanced WAF) 16.1.3
- F5 BIG-IP (ASM) 16.1.3
- F5 BIG-IP 15.1.8
- F5 BIG-IP (AFM) 16.1.3
- F5 BIG-IP 17.1.0
- F5 BIG-IP (PEM) 16.1.0
- F5 BIG-IP (PEM) 15.1.10
- F5 BIG-IP (PEM) 16.1.4
- F5 BIG-IP (PEM) 17.1.0
- F5 BIG-IP (PEM) 17.1.1
- F5 BIG-IP (Advanced WAF) 15.1.9
- F5 BIG-IP (Advanced WAF) 17.1.0
- F5 BIG-IP (ASM) 15.1.9
- F5 BIG-IP (ASM) 17.1.0
- F5 BIG-IP (AFM) 15.1.8
- F5 BIG-IP (AFM) 17.1.0
- F5 BIG-IP (IPS) 15.1.0
- F5 BIG-IP (IPS) 15.1.8
- F5 BIG-IP (IPS) 16.1.0
- F5 BIG-IP (IPS) 16.1.3
- F5 BIG-IP (IPS) 17.1.0
- F5 NGINX Plus R30
- F5 NGINX Plus R31
- F5 NGINX Open Source 1.25.0
- F5 NGINX Open Source 1.25.3
Remediation
Refer to F5 Security Advisory for patch, upgrade or suggested workaround information.
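For CVE-2024-24989 and CVE-2024-24990, exposure depends on NGINX actually being configured to use the HTTP/3 QUIC module. The following triage check is an added example, not code from Rewterz or F5. It assumes that the two NGINX Open Source versions listed under Affected Products are the endpoints of one affected range, and the sample configuration and banner are constructed.

```python
import re

# Assumption: the NGINX Open Source versions listed on this page (1.25.0 and
# 1.25.3) are read as the inclusive endpoints of one affected range.
AFFECTED_MIN, AFFECTED_MAX = (1, 25, 0), (1, 25, 3)

# Constructed sample input, not taken from a real host.
SAMPLE_CONF = """
server {
    listen 443 ssl;
    listen 443 quic reuseport;   # HTTP/3 listener
    # listen 8443 quic;
    listen [::]:443 quic;
    server_name example.test;
}
"""
SAMPLE_BANNER = "nginx version: nginx/1.25.3"   # shape of `nginx -v` output

def strip_comments(conf):
    """Drop '#' comments while leaving quoted strings intact."""
    out = []
    for line in conf.splitlines():
        quote, kept = None, []
        for ch in line:
            if quote:
                quote = None if ch == quote else quote
            elif ch in "'\"":
                quote = ch
            elif ch == "#":
                break
            kept.append(ch)
        out.append("".join(kept))
    return "\n".join(out)

def quic_listeners(conf):
    """Return each active listen directive that carries the 'quic' parameter."""
    pattern = r"(?:^|(?<=[;{}]))\s*listen\s+([^;{}]+);"
    found = [m.group(1).split() for m in re.finditer(pattern, strip_comments(conf), re.M)]
    return ["listen " + " ".join(p) for p in found if "quic" in p[1:]]

def parse_version(banner):
    m = re.search(r"nginx/(\d+)\.(\d+)\.(\d+)", banner)
    return tuple(int(x) for x in m.groups()) if m else None

def triage(conf, banner):
    """Flag a host only when a listed version AND a QUIC listener are both present."""
    version, listeners = parse_version(banner), quic_listeners(conf)
    in_range = version is not None and AFFECTED_MIN <= version <= AFFECTED_MAX
    return {"version": version, "quic_listeners": listeners,
            "exposed": in_range and bool(listeners)}
```

NGINX Plus reports its release (R30, R31) differently from the open source version string, so a Plus host needs its release checked separately against the F5 advisory.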