CVE-2024-24966
published 2024-02-14CVE-2024-24966: When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. Note: Software versions which…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | f5os | — | — |
| f5 | f5os-a | — | — |
| f5 | f5os-a | — | — |
| f5 | f5os-c | — | — |
| f5 | f5os-c | >= 1.3.0 < 1.6.0 | 1.6.0 |
| f5 | f5os_appliance | >= 1.2.0 < 1.3.0 | 1.3.0 |
| f5 | f5os_chassis | >= 1.3.0 < 1.6.0 | 1.6.0 |