CVE-2024-28132

CWE-9224 documents4 sources

Severity

4.4MEDIUM

EPSS

0.1%

top 83.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F5 Big-ip Next CNF F5 Big-ip Next Cloud-native Network Functions

Timeline

PublishedMay 8

Description

Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an authenticated attacker with local access to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5f5/big-ip_next_cnf1.2.0 — 1.3.0

▶NVDf5/big-ip_next_cloud-native_network_functions1.2.0 — 1.3.0

🔴Vulnerability Details

CVEList

BIG-IP NEXT CNF vulnerability↗2024-05-08

▶

GHSA

GHSA-hwq4-p9m3-4cjm: Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an authenticated attacker with local access to view sens↗2024-05-08

▶

📋Vendor Advisories

CVE-2024-28132: Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an authenticated attack...↗2024-05-08

▶