Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-23982

Опубликовано: 14 фев. 2024
Источник: nvd
CVSS3: 7.5
EPSS Низкий

Описание

When a BIG-IP PEM classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This issue affects classification engines using signatures released between 09-08-2022 and 02-16-2023. See the table in the F5 Security Advisory for a complete list of affected classification signature files.  NOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Версия от 15.1.0 (включая) до 15.1.10 (включая)
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Версия от 16.1.0 (включая) до 16.1.4 (включая)
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Версия от 17.1.0 (включая) до 17.1.1 (включая)

EPSS

Процентиль: 54%
0.00308
Низкий

7.5 High

CVSS3

Дефекты

CWE-121
CWE-787

Связанные уязвимости

github логотип

GHSA-wrfg-qw24-93h8

CVSS3: 7.5
github
почти 2 года назад

When a BIG-IP PEM classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This issue affects classification engines using signatures released between 09-08-2022 and 02-16-2023. See the table in the F5 Security Advisory for a complete list of affected classification signature files.  NOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated

EPSS

Процентиль: 54%
0.00308
Низкий

7.5 High

CVSS3

Дефекты

CWE-121
CWE-787