2024-02-14 19:01:09 +00:00
{
"id" : "CVE-2024-23314" ,
"sourceIdentifier" : "f5sirt@f5.com" ,
"published" : "2024-02-14T17:15:13.387" ,
2025-01-23 21:03:44 +00:00
"lastModified" : "2025-01-23T19:52:38.097" ,
"vulnStatus" : "Analyzed" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2024-02-14 19:01:09 +00:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel (TMM) to terminate.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
2024-04-04 08:46:00 +00:00
} ,
{
"lang" : "es" ,
"value" : "Cuando HTTP/2 est\u00e1 configurado en sistemas BIG-IP o BIG-IP Next SPK, las respuestas no reveladas pueden provocar la finalizaci\u00f3n del Microkernel de gesti\u00f3n de tr\u00e1fico (TMM). Nota: Las versiones de software que han llegado al final del soporte t\u00e9cnico (EoTS) no se eval\u00faan"
2024-02-14 19:01:09 +00:00
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "f5sirt@f5.com" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH" ,
2024-02-14 19:01:09 +00:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "HIGH"
2024-02-14 19:01:09 +00:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
2025-01-23 21:03:44 +00:00
} ,
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" ,
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
"availabilityImpact" : "HIGH"
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
2024-02-14 19:01:09 +00:00
}
]
} ,
"weaknesses" : [
{
"source" : "f5sirt@f5.com" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-908"
}
]
2025-01-23 21:03:44 +00:00
} ,
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-noinfo"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.9" ,
"matchCriteriaId" : "F11226F6-9080-4126-ACBD-7211A2746214"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndExcluding" : "16.1.4" ,
"matchCriteriaId" : "A8F16422-A642-4614-96F2-E5B4877E8206"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "8.0.0" ,
"versionEndIncluding" : "8.3.0" ,
"matchCriteriaId" : "1B4F2DBC-4DA1-42D8-9BD9-2EAADA27CCDE"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.9" ,
"matchCriteriaId" : "6DD4CF11-44E9-4596-9397-AF7DBD81277B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndExcluding" : "16.1.4" ,
"matchCriteriaId" : "DE979976-11C7-4AFF-8BE4-A094CC9C39CF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.9" ,
"matchCriteriaId" : "16795277-E8E2-4713-BD65-207655546649"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndExcluding" : "16.1.4" ,
"matchCriteriaId" : "0835E39B-F21E-4231-A4B9-5D511FF1B87A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "59203EBF-C52A-45A1-B8DF-00E17E3EFB51"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.9" ,
"matchCriteriaId" : "F005EFFD-3A40-4762-B0D6-8760C406130F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndExcluding" : "16.1.4" ,
"matchCriteriaId" : "8705476E-A246-4B57-A0E1-FD626C1B0DE5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5C698C1C-A3DD-46E2-B05A-12F2604E7F85"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.9" ,
"matchCriteriaId" : "8D82BCD8-136A-476C-AC86-710CA8B32EB7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndExcluding" : "16.1.4" ,
"matchCriteriaId" : "377DE308-CF91-488A-B296-30A3B09451D3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "87670A74-34FE-45DF-A725-25B804C845B3"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.9" ,
"matchCriteriaId" : "C0FE692A-CD63-4354-B599-2F47EEEFDD37"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndExcluding" : "16.1.4" ,
"matchCriteriaId" : "B2F02EC0-E6C2-4E00-9804-043982D88BCE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "84D00768-E71B-4FF7-A7BF-F2C8CFBC900D"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.9" ,
"matchCriteriaId" : "E4958167-AB1F-4458-A06B-1B2DA313EEBD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndExcluding" : "16.1.4" ,
"matchCriteriaId" : "D982C3E6-43DE-4AA8-889F-044E70C7FCB2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "ABBD10E8-6054-408F-9687-B9BF6375CA09"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.9" ,
"matchCriteriaId" : "944B8F9C-E5C6-4DA8-BF2B-1C0B6A388BC4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndExcluding" : "16.1.4" ,
"matchCriteriaId" : "7DB6C626-BA78-4C06-8582-BFFCDF957429"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "83794B04-87E2-4CA9-81F5-BB820D0F5395"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.9" ,
"matchCriteriaId" : "DCFAFFAC-000C-414D-83CF-B8B2C529D9CF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndExcluding" : "16.1.4" ,
"matchCriteriaId" : "E68BFC75-6977-4644-A169-48263B896849"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0A6E7035-3299-474F-8F67-945EA9A059D0"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.9" ,
"matchCriteriaId" : "672067B7-C838-4F0B-B3D0-E85F71715B0A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndExcluding" : "16.1.4" ,
"matchCriteriaId" : "A4C17D18-1172-4396-9099-F1F5EAEACE5A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndExcluding" : "15.1.9" ,
"matchCriteriaId" : "1871634A-7609-4D01-8469-3D86F36DC19D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndExcluding" : "16.1.4" ,
"matchCriteriaId" : "603324D6-FE7A-4209-B92B-94EF09AB5FF2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "667EB77B-DA13-4BA4-9371-EE3F3A109F38"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "1.5.0" ,
"versionEndExcluding" : "1.8.1" ,
"matchCriteriaId" : "58401E1A-1240-45F0-A84A-E4F84E37F215"
}
]
}
]
2024-02-14 19:01:09 +00:00
}
] ,
"references" : [
{
"url" : "https://my.f5.com/manage/s/article/K000137675" ,
2025-01-23 21:03:44 +00:00
"source" : "f5sirt@f5.com" ,
"tags" : [
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://my.f5.com/manage/s/article/K000137675" ,
2025-01-23 21:03:44 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2024-02-14 19:01:09 +00:00
}
]
}
