Lucene search

F5F5:K91054692

HistoryFeb 14, 2024 - 12:00 a.m.

K91054692 : BIG-IP Appliance mode iAppsLX vulnerability CVE-2024-23976

2024-02-1400:00:00

my.f5.com

big-ip

appliance mode

iappslx

vulnerability

cve-2024-23976

authenticated attacker

administrator role

bypass

restrictions

control plane

license

vcmp

guest instances.

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Security Advisory Description

When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing iAppsLX templates on a BIG-IP system. (CVE-2024-23976)

Impact

An authenticated attacker with local system access and the Administrator role may be able to bypass Appliance mode restrictions. This is a control plane issue; there is no data plane exposure.

Appliance mode is enforced by a specific license or may be enabled or disabled for individual Virtual Clustered Multiprocessing (vCMP) guest instances. For more information about BIG-IP Appliance mode, refer to K12815: Overview of Appliance mode.

CPENameOperatorVersion
big-ip next central managereq20.0.1
big-ip next central managereq20.0.2
big-ip next central managereq20.1.0
big-ip next cgnat cnfeq1.1.0
big-ip next cgnat cnfeq1.1.1
big-ip next cgnat cnfeq1.2.0
big-ip next cgnat cnfeq1.2.1
big-ip next dns cnfeq1.1.0
big-ip next dns cnfeq1.1.1
big-ip next dns cnfeq1.2.0

Name	Operator	Version
big-ip next central manager	eq	20.0.1
big-ip next central manager	eq	20.0.2
big-ip next central manager	eq	20.1.0
big-ip next cgnat cnf	eq	1.1.0
big-ip next cgnat cnf	eq	1.1.1
big-ip next cgnat cnf	eq	1.2.0
big-ip next cgnat cnf	eq	1.2.1
big-ip next dns cnf	eq	1.1.0
big-ip next dns cnf	eq	1.1.1
big-ip next dns cnf	eq	1.2.0

Rows per page:

1-10 of 4091