CVE-2024-23976
published 2024-02-14CVE-2024-23976: When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing iAppsLX…
medium6CVSS 3.1
AVLACLPRHUINSUCHIHAN
When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance
mode restrictions utilizing iAppsLX templates on a BIG-IP system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Affected
49 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-ip | >= 15.1.0 < 15.1.9 | 15.1.9 |
| f5 | big-ip | >= 16.1.0 < 16.1.4 | 16.1.4 |
| f5 | big-ip | >= 17.1.0 < 17.1.1 | 17.1.1 |
| f5 | big-ip_aam | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | >= 15.1.0 < 15.1.9 | 15.1.9 |
| f5 | big-ip_access_policy_manager | >= 16.1.0 < 16.1.4 | 16.1.4 |
| f5 | big-ip_advanced_firewall_manager | — | — |
| f5 | big-ip_advanced_firewall_manager | >= 15.1.0 < 15.1.9 | 15.1.9 |
| f5 | big-ip_advanced_firewall_manager | >= 16.1.0 < 16.1.4 | 16.1.4 |
| f5 | big-ip_afm | — | — |
| f5 | big-ip_analytics | — | — |
| f5 | big-ip_analytics | — | — |
| f5 | big-ip_analytics | >= 15.1.0 < 15.1.9 | 15.1.9 |
| f5 | big-ip_analytics | >= 16.1.0 < 16.1.4 | 16.1.4 |
| f5 | big-ip_apm | — | — |
| f5 | big-ip_application_acceleration_manager | — | — |
| f5 | big-ip_application_acceleration_manager | >= 15.1.0 < 15.1.9 | 15.1.9 |
| f5 | big-ip_application_acceleration_manager | >= 16.1.0 < 16.1.4 | 16.1.4 |
| f5 | big-ip_application_security_manager | — | — |
| f5 | big-ip_application_security_manager | >= 15.1.0 < 15.1.9 | 15.1.9 |
| f5 | big-ip_application_security_manager | >= 16.1.0 < 16.1.4 | 16.1.4 |
| f5 | big-ip_asm | — | — |
| f5 | big-ip_dns | — | — |
| f5 | big-ip_domain_name_system | — | — |