Lucene search

F5VULNRICHMENT:CVE-2024-33608

HistoryMay 08, 2024 - 3:01 p.m.

CVE-2024-33608 BIG-IP IPsec vulnerability

2024-05-0815:01:25

CWE-824

github.com

ipsec

tmm

termination

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

JSON

When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:f5:big-ip:17.1.0:*:*:*:*:*:*:*"
    ],
    "vendor": "f5",
    "product": "big-ip",
    "versions": [
      {
        "status": "affected",
        "version": "17.1.0",
        "lessThan": "17.1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

my.f5.com/manage/s/article/K000138728

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2024-33608