CVE-2024-23979

{"id": "CVE-2024-23979", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "f5sirt@f5.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-02-14T17:15:14.457", "references": [{"url": "https://my.f5.com/manage/s/article/K000134516", "source": "f5sirt@f5.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "f5sirt@f5.com", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "\nWhen SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP) authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. \n\n \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated"}, {"lang": "es", "value": "Cuando el perfil de autenticaci\u00f3n LDAP del certificado de cliente SSL o punto de distribuci\u00f3n de lista de revocaci\u00f3n de certificados (CRLDP) se configura en un servidor virtual, las solicitudes no divulgadas pueden provocar un aumento en la utilizaci\u00f3n de recursos de CPU. Nota: Las versiones de software que han llegado al final del soporte t\u00e9cnico (EoTS) no se eval\u00faan"}], "lastModified": "2024-02-14T18:04:45.380", "sourceIdentifier": "f5sirt@f5.com"}