Lucene search
HistoryFeb 14, 2024 - 5:15 p.m.
CVE-2024-23314
http/2
big-ip
tmm
termination
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
9.0%
When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
References
Related
cve
cve
CVE-2024-23314
2024-02-14 17:15:13
f5
f5
K000137675 : BIG-IP HTTP/2 vulnerability CVE-2024-23314
2024-02-14 00:00:00
K000138353 : Quarterly Security Notification (February 2024)
2024-02-14 00:00:00
vulnrichment
vulnrichment
CVE-2024-23314 BIG-IP HTTP/2 vulnerability
2024-02-14 16:30:23
prion
prion
Code injection
2024-02-14 17:15:00
cvelist
cvelist
CVE-2024-23314 BIG-IP HTTP/2 vulnerability
2024-02-14 16:30:23
nessus
nessus
F5 Networks BIG-IP : BIG-IP HTTP/2 vulnerability (K000137675)
2024-02-14 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2024-23314