Security Advisory Description
When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. (CVE-2024-24966)
Impact
This vulnerability may allow an LDAP authenticated attacker to bypass intended access restrictions. There is no data plane exposure; this is a control plane issue only.