10 matches found
CVE-2024-23979
When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are n...
CVE-2024-23979 BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability
When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are n...
CVE-2024-23979
BIG-IP CVE-2024-23979 affects SSL Client Certificate LDAP and CRLDP Authentication profiles when configured on a virtual server, causing undisclosed requests to increase CPU resource utilization and potentially degrade performance (DoS) per the F5 security advisory K000134516. The issue is docume...
CVE-2024-23979 BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability
When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are n...
K000134516: BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability CVE-2024-23979
Security Advisory Description When an SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. CVE-2024-23979 Impact System performance can...
F5 Networks BIG-IP : BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability (K000134516)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000134516 advisory. - When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication...
CVE-2018-15326
In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.2, the CRLDP Auth access policy agent may treat revoked certificates as valid when the BIG-IP APM system fails to download a new Certificate Revocation List...
Code injection
In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.2, the CRLDP Auth access policy agent may treat revoked certificates as valid when the BIG-IP APM system fails to download a new Certificate Revocation List...
CVE-2018-15326
In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.2, the CRLDP Auth access policy agent may treat revoked certificates as valid when the BIG-IP APM system fails to download a new Certificate Revocation List...
CVE-2018-15326
Mode C: CVE-2018-15326 affects BIG-IP APM applying CRLDP authentication; the policy agent may treat revoked certs as valid if the system cannot download a new CRL. Vulnerable versions include BIG-IP APM 14.x (14.0.0–14.0.0.2, 14.0.0.3 listed as vulnerable; fixes introduced in 14.1.0), 13.x (13.0....