PT-2024-20092 · F5 · F5 Big-Ip
Published
2024-02-14
·
Updated
2024-02-14
·
CVE-2024-23805
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP (affected versions not specified)
Description
Undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This issue may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and the DB variables
avr.IncludeServerInURI or avr.CollectOnlyHostnameFromURI are enabled. For BIG-IP Advanced WAF and ASM, this may also occur when either a DoS or Bot Defense profile is configured on a virtual server and the DB variables avr.IncludeServerInURI or avr.CollectOnlyHostnameFromURI are enabled.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
F5 Big-Ip