Lucene search

[email protected]NVD:CVE-2023-24594

HistoryMay 03, 2023 - 3:15 p.m.

CVE-2023-24594

2023-05-0315:15:12

CWE-400

[email protected]

web.nvd.nist.gov

ssl profile

virtual server

cpu utilization

ssl accelerator

eots

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.0005 Low

EPSS

Percentile

18.4%

JSON

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected configurations

NVD

Node

f5big-ip_access_policy_managerMatch14.1.5

f5big-ip_access_policy_managerMatch15.1.4.1

f5big-ip_access_policy_managerMatch16.1.2

f5big-ip_advanced_firewall_managerMatch14.1.5

f5big-ip_advanced_firewall_managerMatch15.1.4.1

f5big-ip_advanced_firewall_managerMatch16.1.2

f5big-ip_advanced_web_application_firewallMatch14.1.5

f5big-ip_advanced_web_application_firewallMatch15.1.4.1

f5big-ip_advanced_web_application_firewallMatch16.1.2

f5big-ip_analyticsMatch14.1.5

f5big-ip_analyticsMatch15.1.4.1

f5big-ip_analyticsMatch16.1.2

f5big-ip_application_acceleration_managerMatch14.1.5

f5big-ip_application_acceleration_managerMatch15.1.4.1

f5big-ip_application_acceleration_managerMatch16.1.2

f5big-ip_application_security_managerMatch14.1.5

f5big-ip_application_security_managerMatch15.1.4.1

f5big-ip_application_security_managerMatch16.1.2

f5big-ip_application_visibility_and_reportingMatch14.1.5

f5big-ip_application_visibility_and_reportingMatch15.1.4.1

f5big-ip_application_visibility_and_reportingMatch16.1.2

f5big-ip_carrier-grade_natMatch14.1.5

f5big-ip_carrier-grade_natMatch15.1.4.1

f5big-ip_carrier-grade_natMatch16.1.2

f5big-ip_ddos_hybrid_defenderMatch14.1.5

f5big-ip_ddos_hybrid_defenderMatch15.1.4.1

f5big-ip_ddos_hybrid_defenderMatch16.1.2

f5big-ip_domain_name_systemMatch14.1.5

f5big-ip_domain_name_systemMatch15.1.4.1

f5big-ip_domain_name_systemMatch16.1.2

f5big-ip_edge_gatewayMatch14.1.5

f5big-ip_edge_gatewayMatch15.1.4.1

f5big-ip_edge_gatewayMatch16.1.2

f5big-ip_fraud_protection_serviceMatch14.1.5

f5big-ip_fraud_protection_serviceMatch15.1.4.1

f5big-ip_fraud_protection_serviceMatch16.1.2

f5big-ip_global_traffic_managerMatch14.1.5

f5big-ip_global_traffic_managerMatch15.1.4.1

f5big-ip_global_traffic_managerMatch16.1.2

f5big-ip_link_controllerMatch14.1.5

f5big-ip_link_controllerMatch15.1.4.1

f5big-ip_link_controllerMatch16.1.2

f5big-ip_local_traffic_managerMatch14.1.5

f5big-ip_local_traffic_managerMatch15.1.4.1

f5big-ip_local_traffic_managerMatch16.1.2

f5big-ip_next_service_proxy_for_kubernetesMatch1.5.0

f5big-ip_policy_enforcement_managerMatch14.1.5

f5big-ip_policy_enforcement_managerMatch15.1.4.1

f5big-ip_policy_enforcement_managerMatch16.1.2

f5big-ip_ssl_orchestratorMatch14.1.5

f5big-ip_ssl_orchestratorMatch15.1.4.1

f5big-ip_ssl_orchestratorMatch16.1.2

f5big-ip_webacceleratorMatch14.1.5

f5big-ip_webacceleratorMatch15.1.4.1

f5big-ip_webacceleratorMatch16.1.2

f5big-ip_websafeMatch14.1.5

f5big-ip_websafeMatch15.1.4.1

f5big-ip_websafeMatch16.1.2

References

my.f5.com/manage/s/article/K000133132

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.0005 Low

EPSS

Percentile

18.4%

JSON

Related for NVD:CVE-2023-24594

nessus1 prion1 cnvd1 cve1 f52 cvelist1