cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-45844,https://securityvulnerability.io/vulnerability/CVE-2024-45844,BIG-IP Monitor Functionality Vulnerability Allows Bypass of Access Control Restrictions,"The vulnerability CVE-2024-45844 affects F5 Networks' BIG-IP monitor functionality and allows attackers to bypass access control restrictions, potentially compromising the system. An attacker with Manager role privileges can elevate their privileges and modify the configuration, even with port lockdown settings in place. A PoC exploit has been published, demonstrating how an attacker with Manager role privileges can create a Local Traffic Manager monitor and use it to send a malicious MCP message, effectively bypassing access control restrictions. It is advised that organizations using affected versions update their systems to the latest fixed versions as soon as possible and implement temporary mitigations until updates are applied. The CVSSv4 score for this vulnerability is 8.6, indicating a high severity level, and organizations are urged to take immediate action to protect their BIG-IP systems.",F5 Networks,,,,0.0004299999854993075,false,true,false,true,,false,false,2024-10-16T15:15:00.000Z,0
CVE-2024-21793,https://securityvulnerability.io/vulnerability/CVE-2024-21793,OData Injection Vulnerability in F5 Networks' BIG-IP Next Central Manager API,"An OData injection vulnerability has been identified in the BIG-IP Next Central Manager API, potentially allowing attackers to exploit the API through crafted OData requests. This vulnerability impacts the integrity and availability of the affected products, emphasizing the need for immediate awareness and remediation strategies. It's important to note that software versions which have reached End of Technical Support (EoTS) are not evaluated for this vulnerability. Users are advised to apply appropriate security patches to mitigate the risk associated with this vulnerability.",F5,Big-ip Next Central Manager,9.8,CRITICAL,0.000910000002477318,false,true,true,true,,false,false,2024-05-08T15:01:28.422Z,0
CVE-2024-26026,https://securityvulnerability.io/vulnerability/CVE-2024-26026,F5 Networks BIG-IP Next Central Manager API SQL Injection Vulnerability,"An SQL injection vulnerability has been identified in the F5 Networks BIG-IP Next Central Manager API which could allow an attacker to manipulate database queries through crafted input. This can lead to unauthorized data access or alteration, significantly compromising system integrity and privacy. It is essential to apply patches or updates to the affected products to mitigate potential exploitation risks. Software versions that have reached End of Technical Support (EoTS) are not considered in this evaluation, highlighting the importance of maintaining up-to-date software.",F5,Big-ip Next Central Manager,9.8,CRITICAL,0.000910000002477318,false,true,false,true,true,true,false,2024-05-08T15:01:28.771Z,8445