Security Advisory Description
BIG-IP Next Central Manager may allow an unauthenticated, remote attacker to obtain BIG-IP Next LTM/WAF instance credentials. (CVE-2024-32049)
Impact
This vulnerability may allow an unauthenticated attacker in a man-in-the-middle (MITM) position between a BIG-IP Next LTM/WAF instance and BIG-IP Next Central Manager to decrypt and modify the SSL communication between BIG-IP Next Central Manager and the BIG-IP Next LTM/WAF instance.