Lucene search

[email protected]NVD:CVE-2024-39778

HistoryAug 14, 2024 - 3:15 p.m.

CVE-2024-39778

2024-08-1415:15:26

CWE-702

[email protected]

web.nvd.nist.gov

big-ip

high-speed bridge

tmm

undisclosed requests

virtual server

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.7%

JSON

When a stateless virtual server is configured on BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause TMM to terminate.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected configurations

Nvd

Node

f5big-ip_access_policy_managerRange15.1.0–15.1.1

f5big-ip_access_policy_managerRange16.1.0–16.1.5

f5big-ip_access_policy_managerMatch17.1.0

f5big-ip_advanced_firewall_managerRange15.1.0–15.1.1

f5big-ip_advanced_firewall_managerRange16.1.0–16.1.5

f5big-ip_advanced_firewall_managerMatch17.1.0

f5big-ip_advanced_web_application_firewallRange15.1.0–15.1.1

f5big-ip_advanced_web_application_firewallRange16.1.0–16.1.5

f5big-ip_advanced_web_application_firewallMatch17.1.0

f5big-ip_analyticsRange15.1.0–15.1.1

f5big-ip_analyticsRange16.1.0–16.1.5

f5big-ip_analyticsMatch17.1.0

f5big-ip_application_acceleration_managerRange15.1.0–15.1.1

f5big-ip_application_acceleration_managerRange16.1.0–16.1.5

f5big-ip_application_acceleration_managerMatch17.1.0

f5big-ip_application_security_managerRange15.1.0–15.1.1

f5big-ip_application_security_managerRange16.1.0–16.1.5

f5big-ip_application_security_managerMatch17.1.0

f5big-ip_application_visibility_and_reportingRange15.1.0–15.1.1

f5big-ip_application_visibility_and_reportingRange16.1.0–16.1.5

f5big-ip_application_visibility_and_reportingMatch17.1.0

f5big-ip_automation_toolchainRange15.1.0–15.1.1

f5big-ip_automation_toolchainRange16.1.0–16.1.5

f5big-ip_automation_toolchainMatch17.1.0

f5big-ip_carrier-grade_natRange15.1.0–15.1.1

f5big-ip_carrier-grade_natRange16.1.0–16.1.5

f5big-ip_carrier-grade_natMatch17.1.0

f5big-ip_container_ingress_servicesRange15.1.0–15.1.1

f5big-ip_container_ingress_servicesRange16.1.0–16.1.5

f5big-ip_container_ingress_servicesMatch17.1.0

f5big-ip_ddos_hybrid_defenderRange15.1.0–15.1.1

f5big-ip_ddos_hybrid_defenderRange16.1.0–16.1.5

f5big-ip_ddos_hybrid_defenderMatch17.1.0

f5big-ip_domain_name_systemRange15.1.0–15.1.1

f5big-ip_domain_name_systemRange16.1.0–16.1.5

f5big-ip_domain_name_systemMatch17.1.0

f5big-ip_edge_gatewayRange15.1.0–15.1.1

f5big-ip_edge_gatewayRange16.1.0–16.1.5

f5big-ip_edge_gatewayMatch17.1.0

f5big-ip_fraud_protection_serviceRange15.1.0–15.1.1

f5big-ip_fraud_protection_serviceRange16.1.0–16.1.5

f5big-ip_fraud_protection_serviceMatch17.1.0

f5big-ip_global_traffic_managerRange15.1.0–15.1.1

f5big-ip_global_traffic_managerRange16.1.0–16.1.5

f5big-ip_global_traffic_managerMatch17.1.0

f5big-ip_link_controllerRange15.1.0–15.1.1

f5big-ip_link_controllerRange16.1.0–16.1.5

f5big-ip_link_controllerMatch17.1.0

f5big-ip_local_traffic_managerRange15.1.0–15.1.1

f5big-ip_local_traffic_managerRange16.1.0–16.1.5

f5big-ip_local_traffic_managerMatch17.1.0

f5big-ip_policy_enforcement_managerRange15.1.0–15.1.1

f5big-ip_policy_enforcement_managerRange16.1.0–16.1.5

f5big-ip_policy_enforcement_managerMatch17.1.0

f5big-ip_ssl_orchestratorRange15.1.0–15.1.1

f5big-ip_ssl_orchestratorRange16.1.0–16.1.5

f5big-ip_ssl_orchestratorMatch17.1.0

f5big-ip_webacceleratorRange15.1.0–15.1.1

f5big-ip_webacceleratorRange16.1.0–16.1.5

f5big-ip_webacceleratorMatch17.1.0

f5big-ip_websafeRange15.1.0–15.1.1

f5big-ip_websafeRange16.1.0–16.1.5

f5big-ip_websafeMatch17.1.0

VendorProductVersionCPE
f5big-ip_access_policy_manager*cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
f5big-ip_access_policy_manager17.1.0cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*
f5big-ip_advanced_firewall_manager*cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
f5big-ip_advanced_firewall_manager17.1.0cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*
f5big-ip_advanced_web_application_firewall*cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*
f5big-ip_advanced_web_application_firewall17.1.0cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*
f5big-ip_analytics*cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
f5big-ip_analytics17.1.0cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*
f5big-ip_application_acceleration_manager*cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
f5big-ip_application_acceleration_manager17.1.0cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
f5	big-ip_access_policy_manager	*	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
f5	big-ip_access_policy_manager	17.1.0	cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:::::::*
f5	big-ip_advanced_firewall_manager	*	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
f5	big-ip_advanced_firewall_manager	17.1.0	cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:::::::*
f5	big-ip_advanced_web_application_firewall	*	cpe:2.3:a:f5:big-ip_advanced_web_application_firewall::::::::
f5	big-ip_advanced_web_application_firewall	17.1.0	cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:::::::*
f5	big-ip_analytics	*	cpe:2.3:a:f5:big-ip_analytics::::::::
f5	big-ip_analytics	17.1.0	cpe:2.3:a:f5:big-ip_analytics:17.1.0:::::::*
f5	big-ip_application_acceleration_manager	*	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
f5	big-ip_application_acceleration_manager	17.1.0	cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:::::::*