Potential Data Leak in BIG-IP TMMs on VELOS and rSeries Platforms

CVE-2024-32761

6.5MEDIUM

Key Information

Vendor: F5
Status: Big-ip
Vendor: CVE Published:; 8 May 2024

Summary

Under certain conditions, a potential data leak may occur in the Traffic Management Microkernels (TMMs) of BIG-IP tenants running on VELOS and rSeries platforms. However, this issue cannot be exploited by an attacker because it is not consistently reproducible and is beyond an attacker's control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Affected Version(s)

BIG-IP >= 17.1.0

BIG-IP >= 16.1.0

BIG-IP < 15.1.10

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
May 8, 2024
Vulnerability Reserved.
Apr 24, 2024

Collectors

NVD DatabaseMitre Database

Key Information

Summary

Affected Version(s)

CVSS V3.1

Timeline

Collectors

Credit