exploitDog

CVE-2024-21789

Опубликовано: 14 фев. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Ссылки

https://my.f5.com/manage/s/article/K000137270
Vendor Advisory
https://my.f5.com/manage/s/article/K000137270
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*

Версия от 17.1.0 (включая) до 17.1.1 (исключая)

cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*

Версия от 17.1.0 (включая) до 17.1.1 (исключая)

EPSS

Процентиль: 50%

0.00267

Низкий

7.5 High

CVSS3

Дефекты

CWE-772

CWE-772

Связанные уязвимости

GHSA-qq56-5xwp-c89r

CVSS3: 7.5

github

почти 2 года назад

When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

EPSS

Процентиль: 50%

0.00267

Низкий

7.5 High

CVSS3

Дефекты

CWE-772

CWE-772