CVE-2024-23308

BIG-IP Advanced WAF and ASM vulnerability

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed URL with "Apply value and content signatures and detect threat campaigns." Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Cuando una política BIG-IP Advanced WAF o BIG-IP ASM con una opción de Manejo del cuerpo de la solicitud se adjunta a un servidor virtual, las solicitudes no divulgadas pueden hacer que el proceso BD finalice. La condición resulta de configurar la opción Manejo del cuerpo de la solicitud en el perfil de contenido basado en encabezado para una URL permitida con "Aplicar firmas de valor y contenido y detectar campañas de amenazas". Nota: Las versiones de software que han llegado al final del soporte técnico (EoTS) no se evalúan

*Credits: F5

CVSS Scores

F5 Networksv3.1 7.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-01 CVE Reserved
2024-02-14 CVE Published
2024-02-15 EPSS Updated
2024-08-01 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-476: NULL Pointer Dereference

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://my.f5.com/manage/s/article/K000137416	2024-02-14

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
F5 Search vendor "F5"		BIG-IP Search vendor "F5" for product "BIG-IP"				>= 17.1.0 < 17.1.1 Search vendor "F5" for product "BIG-IP" and version " >= 17.1.0 < 17.1.1"		en		Affected