exploitDog

CVE-2024-21771

Опубликовано: 14 фев. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel (TMM) restarting and traffic disruption. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Ссылки

https://my.f5.com/manage/s/article/K000137595
Vendor Advisory
https://my.f5.com/manage/s/article/K000137595
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*

Версия от 15.1.0 (включая) до 15.1.9 (исключая)

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*

Версия от 16.1.0 (включая) до 16.1.4 (исключая)

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00267

Низкий

7.5 High

CVSS3

Дефекты

CWE-770

CWE-770

Связанные уязвимости

GHSA-8gwr-pghr-44v9

CVSS3: 7.5

github

почти 2 года назад

For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel (TMM) restarting and traffic disruption. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

EPSS

Процентиль: 50%

0.00267

Низкий

7.5 High

CVSS3

Дефекты

CWE-770

CWE-770