Lucene search
HistoryAug 14, 2024 - 3:15 p.m.
CVE-2024-41727
big-ip
memory resource
utilization
vulnerability
intel e810 nic
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.7%
In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected configurations
Node
f5big-ip_access_policy_managerRange15.1.0–15.1.1
ORf5big-ip_access_policy_managerRange16.1.0–16.1.5
ORf5big-ip_access_policy_managerMatch17.1.0
ORf5big-ip_advanced_firewall_managerRange15.1.0–15.1.1
ORf5big-ip_advanced_firewall_managerRange16.1.0–16.1.5
ORf5big-ip_advanced_firewall_managerMatch17.1.0
ORf5big-ip_advanced_web_application_firewallRange15.1.0–15.1.1
ORf5big-ip_advanced_web_application_firewallRange16.1.0–16.1.5
ORf5big-ip_advanced_web_application_firewallMatch17.1.0
ORf5big-ip_analyticsRange15.1.0–15.1.1
ORf5big-ip_analyticsRange16.1.0–16.1.5
ORf5big-ip_analyticsMatch17.1.0
ORf5big-ip_application_acceleration_managerRange15.1.0–15.1.1
ORf5big-ip_application_acceleration_managerRange16.1.0–16.1.5
ORf5big-ip_application_acceleration_managerMatch17.1.0
ORf5big-ip_application_security_managerRange15.1.0–15.1.1
ORf5big-ip_application_security_managerRange16.1.0–16.1.5
ORf5big-ip_application_security_managerMatch17.1.0
ORf5big-ip_application_visibility_and_reportingRange15.1.0–15.1.1
ORf5big-ip_application_visibility_and_reportingRange16.1.0–16.1.5
ORf5big-ip_application_visibility_and_reportingMatch17.1.0
ORf5big-ip_automation_toolchainRange15.1.0–15.1.1
ORf5big-ip_automation_toolchainRange16.1.0–16.1.5
ORf5big-ip_automation_toolchainMatch17.1.0
ORf5big-ip_carrier-grade_natRange15.1.0–15.1.1
ORf5big-ip_carrier-grade_natRange16.1.0–16.1.5
ORf5big-ip_carrier-grade_natMatch17.1.0
ORf5big-ip_container_ingress_servicesRange15.1.0–15.1.1
ORf5big-ip_container_ingress_servicesRange16.1.0–16.1.5
ORf5big-ip_container_ingress_servicesMatch17.1.0
ORf5big-ip_ddos_hybrid_defenderRange15.1.0–15.1.1
ORf5big-ip_ddos_hybrid_defenderRange16.1.0–16.1.5
ORf5big-ip_ddos_hybrid_defenderMatch17.1.0
ORf5big-ip_domain_name_systemRange15.1.0–15.1.1
ORf5big-ip_domain_name_systemRange16.1.0–16.1.5
ORf5big-ip_domain_name_systemMatch17.1.0
ORf5big-ip_edge_gatewayRange15.1.0–15.1.1
ORf5big-ip_edge_gatewayRange16.1.0–16.1.5
ORf5big-ip_edge_gatewayMatch17.1.0
ORf5big-ip_fraud_protection_serviceRange15.1.0–15.1.1
ORf5big-ip_fraud_protection_serviceRange16.1.0–16.1.5
ORf5big-ip_fraud_protection_serviceMatch17.1.0
ORf5big-ip_global_traffic_managerRange15.1.0–15.1.1
ORf5big-ip_global_traffic_managerRange16.1.0–16.1.5
ORf5big-ip_global_traffic_managerMatch17.1.0
ORf5big-ip_link_controllerRange15.1.0–15.1.1
ORf5big-ip_link_controllerRange16.1.0–16.1.5
ORf5big-ip_link_controllerMatch17.1.0
ORf5big-ip_local_traffic_managerRange15.1.0–15.1.1
ORf5big-ip_local_traffic_managerRange16.1.0–16.1.5
ORf5big-ip_local_traffic_managerMatch17.1.0
ORf5big-ip_policy_enforcement_managerRange15.1.0–15.1.1
ORf5big-ip_policy_enforcement_managerRange16.1.0–16.1.5
ORf5big-ip_policy_enforcement_managerMatch17.1.0
ORf5big-ip_ssl_orchestratorRange15.1.0–15.1.1
ORf5big-ip_ssl_orchestratorRange16.1.0–16.1.5
ORf5big-ip_ssl_orchestratorMatch17.1.0
ORf5big-ip_webacceleratorRange15.1.0–15.1.1
ORf5big-ip_webacceleratorRange16.1.0–16.1.5
ORf5big-ip_webacceleratorMatch17.1.0
ORf5big-ip_websafeRange15.1.0–15.1.1
ORf5big-ip_websafeRange16.1.0–16.1.5
ORf5big-ip_websafeMatch17.1.0
f5r2000Match-
ORf5r4000Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| f5 | big-ip_access_policy_manager | * | cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_access_policy_manager | 17.1.0 | cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:* |
| f5 | big-ip_advanced_firewall_manager | * | cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_advanced_firewall_manager | 17.1.0 | cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:* |
| f5 | big-ip_advanced_web_application_firewall | * | cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:* |
| f5 | big-ip_advanced_web_application_firewall | 17.1.0 | cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:* |
| f5 | big-ip_analytics | * | cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* |
| f5 | big-ip_analytics | 17.1.0 | cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:* |
| f5 | big-ip_application_acceleration_manager | * | cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_application_acceleration_manager | 17.1.0 | cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:* |
References
Related
f5
f5
K000138833: BIG-IP TMM vulnerability CVE-2024-41727
2024-08-14 00:00:00
K000140552: Quarterly Security Notification (August 2024)
2024-08-14 00:00:00
cvelist
cvelist
CVE-2024-41727 BIG-IP TMM vulnerability
2024-08-14 14:32:32
cve
cve
CVE-2024-41727
2024-08-14 15:15:27
nessus
nessus
F5 Networks BIG-IP : BIG-IP TMM vulnerability (K000138833)
2024-08-15 00:00:00
vulnrichment
vulnrichment
CVE-2024-41727 BIG-IP TMM vulnerability
2024-08-14 14:32:32
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.7%
Related for NVD:CVE-2024-41727