CVE-2024-32761
BIG-IP TMM tenants on VELOS and rSeries vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Under certain conditions, a potential data leak may occur in the Traffic Management Microkernels (TMMs) of BIG-IP tenants running on VELOS and rSeries platforms. However, this issue cannot be exploited by an attacker because it is not consistently reproducible and is beyond an attacker's control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Bajo ciertas condiciones, puede ocurrir una posible fuga de datos en los micronúcleos de administración de tráfico (TMM) de los inquilinos de BIG-IP que se ejecutan en plataformas VELOS y rSeries. Sin embargo, un atacante no puede aprovechar este problema porque no se puede reproducir de forma consistente y está fuera de su control. Nota: Las versiones de software que han llegado al final del soporte técnico (EoTS) no se evalúan
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-04-24 CVE Reserved
- 2024-05-08 CVE Published
- 2024-05-09 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://my.f5.com/manage/s/article/K000139217 | 2024-05-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| F5 Search vendor "F5" | BIG-IP Search vendor "F5" for product "BIG-IP" | >= 15.1.0 < 15.1.10 Search vendor "F5" for product "BIG-IP" and version " >= 15.1.0 < 15.1.10" | en |
Affected
| ||||||