CVE-2024-33608
- EPSS 0.59%
- Veröffentlicht 08.05.2024 15:15:10
- Zuletzt bearbeitet 21.10.2025 11:38:00
When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2024-28889
- EPSS 0.44%
- Veröffentlicht 08.05.2024 15:15:09
- Zuletzt bearbeitet 21.10.2025 19:28:04
When an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate. Note: Soft...
- EPSS 0.58%
- Veröffentlicht 08.05.2024 15:15:09
- Zuletzt bearbeitet 21.10.2025 11:39:36
A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached...
CVE-2024-25560
- EPSS 0.52%
- Veröffentlicht 08.05.2024 15:15:08
- Zuletzt bearbeitet 21.10.2025 11:40:17
When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2024-27202
- EPSS 0.27%
- Veröffentlicht 08.05.2024 15:15:08
- Zuletzt bearbeitet 21.10.2025 19:28:16
A DOM-based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reac...
- EPSS 0.17%
- Veröffentlicht 14.02.2024 17:15:14
- Zuletzt bearbeitet 05.09.2025 15:51:32
When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing iAppsLX templates on a BIG-IP system. Note: Software versions which have reached End of Technical S...
CVE-2024-23979
- EPSS 0.34%
- Veröffentlicht 14.02.2024 17:15:14
- Zuletzt bearbeitet 23.01.2025 19:53:16
When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP) authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software version...
CVE-2024-23982
- EPSS 0.52%
- Veröffentlicht 14.02.2024 17:15:14
- Zuletzt bearbeitet 12.12.2024 19:07:57
When a BIG-IP PEM classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This issue affects classification engines using signatures released between 09-08...
CVE-2024-24775
- EPSS 0.52%
- Veröffentlicht 14.02.2024 17:15:14
- Zuletzt bearbeitet 23.01.2025 19:53:31
When a virtual server is enabled with VLAN group and SNAT listener is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not...
CVE-2024-23314
- EPSS 0.52%
- Veröffentlicht 14.02.2024 17:15:13
- Zuletzt bearbeitet 23.01.2025 19:52:38
When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated