Lucene search

F5F5:K000138913

HistoryMay 08, 2024 - 12:00 a.m.

K000138913 : BIG-IP Next CNF vulnerability CVE-2024-28132

2024-05-0800:00:00

my.f5.com

big-ip next cnf

sensitive information

gslb container

cve-2024-28132

authenticated attacker

administrator role

exploit

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

1.4 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:M/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

8.4%

JSON

Security Advisory Description

Exposure of a Sensitive Information vulnerability exists in the Global Server Load Balancing (GSLB) container, which may allow an authenticated attacker with administrator role privileges to view sensitive information. (CVE-2024-28132)

Impact

An authenticated attacker may exploit this vulnerability locally through the GSLB container. If the exploit is successful, an attacker can view sensitive information.

VendorProductVersionCPE
f5big\-ip_next20.0.1cpe:2.3:a:f5:big\-ip_next:20.0.1:*:*:*:*:*:*:*
f5big\-ip_next20.0.2cpe:2.3:a:f5:big\-ip_next:20.0.2:*:*:*:*:*:*:*
f5big\-ip_next20.1.0cpe:2.3:a:f5:big\-ip_next:20.1.0:*:*:*:*:*:*:*
f5big\-ip_next20.1.1cpe:2.3:a:f5:big\-ip_next:20.1.1:*:*:*:*:*:*:*
f5big\-ip_next20.2.0cpe:2.3:a:f5:big\-ip_next:20.2.0:*:*:*:*:*:*:*
f5big\-ip_next1.1.0cpe:2.3:a:f5:big\-ip_next:1.1.0:*:*:*:*:*:*:*
f5big\-ip_next1.1.1cpe:2.3:a:f5:big\-ip_next:1.1.1:*:*:*:*:*:*:*
f5big\-ip_next1.2.0cpe:2.3:a:f5:big\-ip_next:1.2.0:*:*:*:*:*:*:*
f5big\-ip_next1.2.1cpe:2.3:a:f5:big\-ip_next:1.2.1:*:*:*:*:*:*:*
f5big\-ip_next1.3.0cpe:2.3:a:f5:big\-ip_next:1.3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
f5	big\-ip_next	20.0.1	cpe:2.3:a:f5:big\-ip_next:20.0.1:::::::*
f5	big\-ip_next	20.0.2	cpe:2.3:a:f5:big\-ip_next:20.0.2:::::::*
f5	big\-ip_next	20.1.0	cpe:2.3:a:f5:big\-ip_next:20.1.0:::::::*
f5	big\-ip_next	20.1.1	cpe:2.3:a:f5:big\-ip_next:20.1.1:::::::*
f5	big\-ip_next	20.2.0	cpe:2.3:a:f5:big\-ip_next:20.2.0:::::::*
f5	big\-ip_next	1.1.0	cpe:2.3:a:f5:big\-ip_next:1.1.0:::::::*
f5	big\-ip_next	1.1.1	cpe:2.3:a:f5:big\-ip_next:1.1.1:::::::*
f5	big\-ip_next	1.2.0	cpe:2.3:a:f5:big\-ip_next:1.2.0:::::::*
f5	big\-ip_next	1.2.1	cpe:2.3:a:f5:big\-ip_next:1.2.1:::::::*
f5	big\-ip_next	1.3.0	cpe:2.3:a:f5:big\-ip_next:1.3.0:::::::*

Rows per page:

1-10 of 4221

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

1.4 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:M/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

8.4%

JSON

Related for F5:K000138913