Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-28889
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
BIG-IP SSL vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
When an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
无效指针解引用
Source: NVD (National Vulnerability Database)
Vulnerability Title
F5 BIG-IP Next 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 BIG-IP Next 存在安全漏洞,该漏洞源于当具有警报超时的 SSL 配置文件在虚拟服务器上配置为非默认值时,未公开的流量以及攻击者无法控制的条件可能会导致流量管理微内核 (TMM) 终止。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
F5BIG-IP 17.1.0 ~ 17.1.1.3 -
II. Public POCs for CVE-2024-28889
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2024-28889
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: BIG-IP
Same vendor: F5
Same weakness: CWE-825
V. Comments for CVE-2024-28889

No comments yet

Leave a comment