Lucene search
HistoryMay 08, 2024 - 3:15 p.m.
CVE-2024-32049
cve-2024-32049
big-ip next central manager
unauthenticated
remote attacker
ltm/waf instance credentials
7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
0.0004 Low
EPSS
Percentile
9.1%
BIG-IP Next Central Manager (CM) may allow an unauthenticated, remote attacker to obtain the BIG-IP Next LTM/WAF instance credentials.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
Related
cvelist
cvelist
CVE-2024-32049 BIG-IP Next Central Manager vulnerability
2024-05-08 15:01:26
cve
cve
CVE-2024-32049
2024-05-08 15:15:09
f5
f5
K000138634 : BIG-IP Next Central Manager vulnerability CVE-2024-32049
2024-05-08 00:00:00
K000139404 : Quarterly Security Notification (May 2024)
2024-05-08 00:00:00
7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
0.0004 Low
EPSS
Percentile
9.1%
Related for NVD:CVE-2024-32049