Lucene search
HistoryFeb 14, 2024 - 5:15 p.m.
CVE-2024-24966
cve-2024-24966
f5os
ldap
remote authentication
vulnerability
eots
CVSS3
6.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
9.0%
When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
Related
prion
prion
Authentication flaw
2024-02-14 17:15:00
vulnrichment
vulnrichment
CVE-2024-24966 F5OS vulnerability
2024-02-14 16:30:22
cve
cve
CVE-2024-24966
2024-02-14 17:15:15
cvelist
cvelist
CVE-2024-24966 F5OS vulnerability
2024-02-14 16:30:22
f5
f5
K000133111 : F5OS vulnerability CVE-2024-24966
2024-02-14 00:00:00
K000138353 : Quarterly Security Notification (February 2024)
2024-02-14 00:00:00
CVSS3
6.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2024-24966