Products
BIG-IP Next Central Manager
Source
f5sirt@f5.com
Tags
CVE-2024-33612 details
Published : May 8, 2024, 3:15 p.m.
Last Modified : May 8, 2024, 5:05 p.m.
Last Modified : May 8, 2024, 5:05 p.m.
Description
An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may allow an attacker to impersonate an Instance Provider system. A successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6.8 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
Base Score
6.8
Exploitability Score
Impact Score
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
References
URL | Source |
---|---|
https://my.f5.com/manage/s/article/K000139012 | f5sirt@f5.com |
This website uses the NVD API, but is not approved or certified by it.