CVE-2024-28889

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-28889
When an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

5.9 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://my.f5.com/manage/s/article/K000138912
Configurations

No configuration.

History

No history.

Information

Published : 2024-05-08 15:15

Updated : 2024-05-08 17:05

NVD link : CVE-2024-28889

Mitre link : CVE-2024-28889

CVE.ORG link : CVE-2024-28889

JSON object : View

Products Affected

No product.

CWE
CWE-825

Expired Pointer Dereference