Lucene search

F5F5:K000134516

HistoryFeb 14, 2024 - 12:00 a.m.

K000134516 : BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability CVE-2024-23979

2024-02-1400:00:00

my.f5.com

ssl client certificate

ldap

crldp

authentication

vulnerability

big-ip

cpu resource

dos

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Security Advisory Description

When an SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP) authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. (CVE-2024-23979)

Impact

System performance can degrade until the Traffic Management Microkernel (TMM) process is either forced to restart or is manually restarted. This vulnerability allows a remote, unauthenticated attacker to cause a degradation of service that can lead to a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.

CPENameOperatorVersion
big-ip next central managereq20.0.1
big-ip next central managereq20.0.2
big-ip next central managereq20.1.0
big-ip next cgnat cnfeq1.1.0
big-ip next cgnat cnfeq1.1.1
big-ip next cgnat cnfeq1.2.0
big-ip next cgnat cnfeq1.2.1
big-ip next dns cnfeq1.1.0
big-ip next dns cnfeq1.1.1
big-ip next dns cnfeq1.2.0

Name	Operator	Version
big-ip next central manager	eq	20.0.1
big-ip next central manager	eq	20.0.2
big-ip next central manager	eq	20.1.0
big-ip next cgnat cnf	eq	1.1.0
big-ip next cgnat cnf	eq	1.1.1
big-ip next cgnat cnf	eq	1.2.0
big-ip next cgnat cnf	eq	1.2.1
big-ip next dns cnf	eq	1.1.0
big-ip next dns cnf	eq	1.1.1
big-ip next dns cnf	eq	1.2.0

Rows per page:

1-10 of 4111