FKIE_CVE-2024-45844
Vulnerability from fkie_nvd - Published: 2024-10-16 15:15 - Updated: 2025-10-21 11:43
Severity ?
Summary
BIG-IP monitor functionality may allow an attacker to bypass access control restrictions, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
| URL | Tags | ||
|---|---|---|---|
| f5sirt@f5.com | https://my.f5.com/manage/s/article/K000140061 | Vendor Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://offsec.almond.consulting/privilege-escalation-f5-CVE-2024-45844.html | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C68A960D-0513-4261-860E-271D9DD603BA",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91C834B2-6D2A-4DF6-A512-20AF83CAE2F4",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E707672F-A960-4030-A977-9987EA4C400A",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "010CD23D-EA4D-43D5-95B0-7ABD373CE96C",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF3770F-7623-4BC5-9267-74ABC861B49D",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4596884-94D3-4C74-8DAB-6DAE139567A5",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B202F7A5-7E49-43C8-8E3B-545343A5D188",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78F3EDAA-9D79-4D2C-BB04-28358C29BBC7",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C66286A2-A1B7-4853-B809-DDBB0CC58EF0",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D77D9184-2B00-4F77-BE17-11CEFC59B279",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F37B5F5-6A55-4AA9-BB07-ED3F04AF1BB1",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DFF8A1-6696-4EB5-8924-C299C93799F0",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F18A8F4B-EB26-4B13-BF37-2BC4E20F4071",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50F76C2D-E9A7-4719-A5EA-5E9702E79757",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "605C1E0F-6355-4926-8D42-E64C6EE97A3D",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5E0F60-859A-4FFD-8139-F2103F5A5FEE",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CA0F1F8-82E1-4CF8-AD88-3B237BFD0257",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF796882-CF5E-4905-87C5-D52F95D9D66C",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A49CE1A-13E0-45CF-B53D-CA65CFBB335B",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EAF4EB3-2C22-41A7-8130-FA41D2392E75",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6E1610-5B19-48ED-869B-382C707A0249",
"versionEndExcluding": "15.1.10.5",
"versionStartIncluding": "15.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A235DA1-7C50-49A5-A874-7FA00EA8B7D9",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8910E0-3AC4-4FEE-8BA0-8E592F546B4C",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C5BCA9-39A7-446F-8B61-F69C704DDBEB",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF371739-2974-49F4-95BE-109ED6007A9F",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87E768C7-28EC-4999-8822-C8CE7EEE2270",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9697B71-CD20-42EF-8E6C-8C11FC84BE4C",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB3D3AA-00B7-4F3A-9B02-7467A8559325",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95C55C3E-D185-4E65-9F32-AD11BC2018B5",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6C8A4F0-FECB-42DE-88F7-D647CE10BF16",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA8A9AAB-A316-4C4C-9BB5-DAF4951E5FEE",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4739D2EA-CA4B-4E42-842F-733DA88AF183",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A72B6A1F-492B-48D7-8F90-717CFAE9E0A0",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841D943B-F60B-4755-941A-79F8D9B54E25",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF9FDCB-A975-4A4E-8F58-C1E830E6836D",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14043026-1D70-46F9-BBA7-93460ACCB76A",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C260295-74F2-402C-B25E-3EDADF221A29",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9977B4-1808-4706-A98A-6BDF124773B0",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0286214-6B81-45FB-8113-B5A9A1B4BEC7",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB5AAB5-64A1-4956-9255-09E0C999CC1B",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "055A386F-ACAF-48A9-AB18-277270CF7A1C",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE85927-DBCF-418D-AFE7-2633917FD26B",
"versionEndExcluding": "16.1.5",
"versionStartIncluding": "16.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85C8C182-19C1-4A01-BD84-D942F10D45FF",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD496AB4-88F9-460F-BDAD-E37F699928FD",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4428815F-12D0-4B91-A073-1DCC488C0968",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA0A069-702D-4EFB-BB47-10EFF2103DCA",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B667715D-5C07-455C-ACFE-26555EE05E0F",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDFBB4F-DFB4-4A30-A5D6-3D8BCC5FFE7E",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67757716-C56A-44DB-95B1-E6B19B5AF052",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB1F24E3-FE3F-4483-B207-CF9527CE6E73",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE8F24C-9C74-4529-A491-71969203B3D9",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44585AD5-0A17-4761-A3A7-8945F7106933",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACCA3ECF-5B65-4B8E-AA0A-1D1B17FF4426",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E40E13D6-1F04-41DD-8CF0-08D6AA3489BA",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4766471C-9661-4515-AA3C-8ACE8EC3EC57",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B57E6BC-468F-430F-BF31-09F25679F409",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DBA23AE-16CA-4BF3-A55D-87A896E2736E",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A29F05D-A867-48F9-832A-5E3FDBAE028A",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C616D7A-CFA3-468D-9014-C6DD84CA3C94",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC23A84A-9F2D-4BDB-B0E0-0386915DE98E",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120CB3C4-6060-4F0D-B88D-7B0F0260CA1B",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8211A6-580F-46A4-B7BE-94A61C714BFB",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64175BB3-43EF-454E-8CAB-439CAF0092DD",
"versionEndExcluding": "17.1.1.4",
"versionStartIncluding": "17.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BIG-IP monitor functionality may allow an attacker to bypass access control restrictions, regardless of the port lockdown settings.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
},
{
"lang": "es",
"value": "La funci\u00f3n de monitorizaci\u00f3n de BIG-IP puede permitir que un atacante eluda las restricciones de control de acceso, independientemente de la configuraci\u00f3n de bloqueo de puertos. Nota: Las versiones de software que han alcanzado el fin del soporte t\u00e9cnico (EoTS) no se eval\u00faan."
}
],
"id": "CVE-2024-45844",
"lastModified": "2025-10-21T11:43:40.243",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "f5sirt@f5.com",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "f5sirt@f5.com",
"type": "Secondary"
}
]
},
"published": "2024-10-16T15:15:16.183",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
],
"url": "https://my.f5.com/manage/s/article/K000140061"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://offsec.almond.consulting/privilege-escalation-f5-CVE-2024-45844.html"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "f5sirt@f5.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…