F5CVELIST:CVE-2024-33612CVE-2024-33612 BIG-IP Next Central Manager vulnerability
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
0.0004 Low
EPSS
Percentile
9.1%
An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may allow an attacker to impersonate an Instance Provider system. A successful exploit of this vulnerability can allow the attacker to cross a security boundary.Β Β Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CNA Affected
[
{
"defaultStatus": "unknown",
"product": "BIG-IP Next Central Manager",
"vendor": "F5",
"versions": [
{
"lessThan": "20.2.0",
"status": "affected",
"version": "20.0.1",
"versionType": "custom"
}
]
}
]References
Related
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
0.0004 Low
EPSS
Percentile
9.1%