CVE-2024-21789— BIG-IP ASM and Advanced WAF vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-21789
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BIG-IP ASM and Advanced WAF vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
对已超过有效生命周期的资源丧失索引
Source: NVD (National Vulnerability Database)
Vulnerability Title
F5 BIG-IP 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP 存在安全漏洞,该漏洞源于在虚拟服务器上配置 BIG-IP ASM/高级 WAF 安全策略时,未公开的请求可能会导致内存资源利用率增加。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-21789
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-21789
请登录查看更多情报信息。
- https://my.f5.com/manage/s/article/K000137270vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-21789
Same Patch Batch · F5 · 2024-02-14 · 20 CVEs total
| CVE-2024-22093 | 8.7 HIGH | Appliance mode iControl REST vulnerability |
| CVE-2024-21763 | 7.5 HIGH | BIG-IP AFM vulnerability |
| CVE-2024-21771 | 7.5 HIGH | F5 AFM Signature Matching Vulnerability |
| CVE-2024-23979 | 7.5 HIGH | BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability |
| CVE-2024-21849 | 7.5 HIGH | BIG-IP Websockets vulnerability |
| CVE-2024-23314 | 7.5 HIGH | BIG-IP HTTP/2 vulnerability |
| CVE-2024-24775 | 7.5 HIGH | BIG-IP TMM vulnerability |
| CVE-2024-23805 | 7.5 HIGH | F5 Application Visibility and Reporting module and BIG-IP Advanced WAF/ASM vulnerability |
| CVE-2024-23308 | 7.5 HIGH | BIG-IP Advanced WAF and ASM vulnerability |
| CVE-2024-24990 | 7.5 HIGH | NGINX HTTP/3 QUIC vulnerability |
| CVE-2024-24989 | 7.5 HIGH | NGINX HTTP/3 QUIC vulnerability |
| CVE-2024-23982 | 7.5 HIGH | BIG-IP PEM vulnerability |
| CVE-2024-22389 | 7.2 HIGH | BIG-IP iControl REST API Vulnerability |
| CVE-2024-23306 | 7.1 HIGH | BIG-IP Next CNF & SPK vulnerability |
| CVE-2024-21782 | 6.7 MEDIUM | BIG-IP and BIG-IQ secure copy vulnerability |
| CVE-2024-24966 | 6.2 MEDIUM | F5OS vulnerability |
| CVE-2024-23976 | 6.0 MEDIUM | BIG-IP Appliance mode iAppsLX vulnerability |
| CVE-2024-23607 | 5.5 MEDIUM | F5OS QKView utility vulnerability |
| CVE-2024-23603 | 3.8 LOW | BIG-IP Advanced WAF and ASM Configuration utility vulnerability |
IV. Related Vulnerabilities
Same weakness: CWE-772
- CVE-2026-3104
Memory leak in code preparing DNSSEC proofs of non-existence - CVE-2026-2261
blocklistd(8) socket leak - CVE-2026-20082
Cisco Secure Firewall Adaptive Security Appliance 安全漏洞 - CVE-2026-2359
Multer vulnerable to Denial of Service via resource exhausti - CVE-2025-14969
Hibernate-reactive-core: hibernate reactive: denial of servi
V. Comments for CVE-2024-21789
No comments yet