BIG-IP Monitor Functionality Vulnerability Allows Bypass of Access Control Restrictions
CVE-2024-45844

Currently unrated

Key Information:

Vendor: F5 Networks
CVE Published: 16 October 2024

Badges

👾 Exploit Exists
📰 News Worthy

Summary

The vulnerability CVE-2024-45844 affects F5 Networks' BIG-IP monitor functionality and allows attackers to bypass access control restrictions, potentially compromising the system. An attacker with Manager role privileges can elevate their privileges and modify the configuration, even with port lockdown settings in place. A PoC exploit has been published, demonstrating how an attacker with Manager role privileges can create a Local Traffic Manager monitor and use it to send a malicious MCP message, effectively bypassing access control restrictions. It is advised that organizations using affected versions update their systems to the latest fixed versions as soon as possible and implement temporary mitigations until updates are applied. The CVSSv4 score for this vulnerability is 8.6, indicating a high severity level, and organizations are urged to take immediate action to protect their BIG-IP systems.

News Articles

PoC Exploit Released for BIG-IP Privilege Escalation Vulnerability

A critical vulnerability in F5 BIG-IP, a popular network traffic management and security solution, tracked as CVE-2024-45844, allows authenticated attackers to bypass access control restrictions and potentially compromise the system.

3 months ago

Timeline

  • 👾 Exploit known to exist

  • 📰 First article discovered by CyberSecurityNews

  • Vulnerability published