Potential Data Leak in BIG-IP TMMs on VELOS and rSeries Platforms
CVE-2024-32761

6.5MEDIUM

Key Information:

Vendor: F5
Status: Big-ip
Vendor: CVE Published:; 8 May 2024

Summary

Under certain conditions, a potential data leak may occur in the Traffic Management Microkernels (TMMs) of BIG-IP tenants running on VELOS and rSeries platforms. However, this issue cannot be exploited by an attacker because it is not consistently reproducible and is beyond an attacker's control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Affected Version(s)

BIG-IP 15.1.0 < 15.1.10

BIG-IP 17.1.0

BIG-IP 16.1.0

References

https://my.f5.com/manage/s/article/K000139217

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 8, 2024
Vulnerability Reserved
Apr 24, 2024

Key Information:

Summary

Affected Version(s)

References

CVSS V3.1

Timeline

Credit