Request a Demo
Rewterz
CVE-2024-34342 – Node.js Vulnerability
May 11, 2024
Rewterz
WSHRAT aka Houdini – Active IOCs
May 12, 2024

Multiple F5 BIG-IP Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-33612 CVSS:6.8

F5 BIG-IP Next Central Manager could allow a <remote/local> attacker to bypass security restrictions, caused by an improper certificate validation vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to cross a security boundary.

CVE-2024-32761 CVSS:6.5

F5 BIG-IP could allow a remote attacker to obtain sensitive information, caused by a flaw in Traffic Management Microkernels (TMMs) of BIG-IP tenants running on VELOS and rSeries platforms. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.

CVE-2024-33604 CVSS:6.1

F5 BIG-IP is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victims Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victims cookie-based authentication credentials.

CVE-2024-28889 CVSS:5.9

F5 BIG-IP is vulnerable to a denial of service, caused by a SSL vulnerability. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate.

CVE-2024-27202 CVSS:4.7

F5 BIG-IP is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the BIG-IP Configuration utility to inject malicious script into a Web page which would be executed in a victims Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victims cookie-based authentication credentials.

CVE-2024-28132 CVSS:4.4

F5 BIG-IP Next CNF could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in Global Server Load Balancing (GSLB) container. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.

Impact

  • Security Bypass
  • Information Disclosure
  • Cross-Site Scripting
  • Denial of Service

Indicators of Compromise

CVE

  • CVE-2024-33612
  • CVE-2024-32761
  • CVE-2024-33604
  • CVE-2024-28889
  • CVE-2024-27202
  • CVE-2024-28132

Affected Vendors

F5

Affected Products

  • F5 BIG-IP 15.1.0
  • F5 BIG-IP 16.1.0
  • F5 BIG-IP 17.1.0
  • F5 BIG-IP 15.1.9
  • F5 BIG-IP 16.1.4
  • F5 BIG-IP 15.1.10
  • F5 BIG-IP Next Central Manager 20.0.1
  • F5 BIG-IP Next Central Manager 20.1.0
  • F5 BIG-IP Next CNF 1.2.1
  • F5 BIG-IP Next CNF 1.2.0
  • F5 BIG-IP 17.1.1

Remediation

Refer to F5 Security Advisory for patch, upgrade or suggested workaround information.

CVE-2024-33612

CVE-2024-32761

CVE-2024-33604

CVE-2024-28889

CVE-2024-27202

CVE-2024-28132