Lucene search

F5F5:K000138728

HistoryMay 08, 2024 - 12:00 a.m.

K000138728 : BIG-IP IPsec vulnerability CVE-2024-33608

2024-05-0800:00:00

my.f5.com

big-ip

ipsec

tmm

termination

dos

vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

8.4%

JSON

Security Advisory Description

When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. (CVE-2024-33608)

Impact

Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote unauthenticated attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.

VendorProductVersionCPE
f5big\-ip_next20.0.1cpe:2.3:a:f5:big\-ip_next:20.0.1:*:*:*:*:*:*:*
f5big\-ip_next20.0.2cpe:2.3:a:f5:big\-ip_next:20.0.2:*:*:*:*:*:*:*
f5big\-ip_next20.1.0cpe:2.3:a:f5:big\-ip_next:20.1.0:*:*:*:*:*:*:*
f5big\-ip_next20.1.1cpe:2.3:a:f5:big\-ip_next:20.1.1:*:*:*:*:*:*:*
f5big\-ip_next20.2.0cpe:2.3:a:f5:big\-ip_next:20.2.0:*:*:*:*:*:*:*
f5big\-ip_next1.1.0cpe:2.3:a:f5:big\-ip_next:1.1.0:*:*:*:*:*:*:*
f5big\-ip_next1.1.1cpe:2.3:a:f5:big\-ip_next:1.1.1:*:*:*:*:*:*:*
f5big\-ip_next1.2.0cpe:2.3:a:f5:big\-ip_next:1.2.0:*:*:*:*:*:*:*
f5big\-ip_next1.2.1cpe:2.3:a:f5:big\-ip_next:1.2.1:*:*:*:*:*:*:*
f5big\-ip_next1.3.0cpe:2.3:a:f5:big\-ip_next:1.3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
f5	big\-ip_next	20.0.1	cpe:2.3:a:f5:big\-ip_next:20.0.1:::::::*
f5	big\-ip_next	20.0.2	cpe:2.3:a:f5:big\-ip_next:20.0.2:::::::*
f5	big\-ip_next	20.1.0	cpe:2.3:a:f5:big\-ip_next:20.1.0:::::::*
f5	big\-ip_next	20.1.1	cpe:2.3:a:f5:big\-ip_next:20.1.1:::::::*
f5	big\-ip_next	20.2.0	cpe:2.3:a:f5:big\-ip_next:20.2.0:::::::*
f5	big\-ip_next	1.1.0	cpe:2.3:a:f5:big\-ip_next:1.1.0:::::::*
f5	big\-ip_next	1.1.1	cpe:2.3:a:f5:big\-ip_next:1.1.1:::::::*
f5	big\-ip_next	1.2.0	cpe:2.3:a:f5:big\-ip_next:1.2.0:::::::*
f5	big\-ip_next	1.2.1	cpe:2.3:a:f5:big\-ip_next:1.2.1:::::::*
f5	big\-ip_next	1.3.0	cpe:2.3:a:f5:big\-ip_next:1.3.0:::::::*

Rows per page:

1-10 of 4221

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

8.4%

JSON

Related for F5:K000138728