What is the severity of CVE-2024-24775?

The severity of CVE-2024-24775 is currently not disclosed, but it may impact the availability of the affected systems.

How do I fix CVE-2024-24775?

To resolve CVE-2024-24775, you must upgrade your F5 BIG-IP devices to a fixed version listed in the remedy section of the vulnerability details.

Which F5 BIG-IP versions are affected by CVE-2024-24775?

CVE-2024-24775 affects F5 BIG-IP versions 15.1.0 to 15.1.9, 16.1.0 to 16.1.4, and 17.1.0.

What products are impacted by CVE-2024-24775?

Products impacted by CVE-2024-24775 include F5 BIG-IP, BIG-IP Access Policy Manager, and BIG-IP Advanced Firewall Manager among others.

What type of issue is CVE-2024-24775?

CVE-2024-24775 is a vulnerability that can lead to the termination of the Traffic Management Microkernel (TMM) due to undisclosed traffic.

Vulnerability/
CVE-2024-24775

high

7.5

CWE

476

EPSS

0.043%

14/2/2024

23/1/2025

CVE-2024-24775: BIG-IP TMM vulnerability

First published: Wed Feb 14 2024(Updated: )

When a virtual server is enabled with VLAN group and SNAT listener is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.

Credit: f5sirt@f5.com

Affected Software	Affected Version	How to fix
F5 BIG-IP	=17.1.0	17.1.1
F5 BIG-IP	>=16.1.0<=16.1.3	16.1.4
F5 BIG-IP	>=15.1.0<=15.1.9	15.1.10
F5 BIG-IP Access Policy Manager	>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager	>=16.1.0<16.1.4
F5 BIG-IP Access Policy Manager	=17.1.0
F5 BIG-IQ Centralized Management	>=8.0.0<=8.3.0
F5 BIG-IP Advanced Firewall Manager	>=15.1.0<15.1.9
F5 BIG-IP Advanced Firewall Manager	>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager	=17.1.0
F5 BIG-IP Analytics	>=15.1.0<15.1.9
F5 BIG-IP Analytics	>=16.1.0<16.1.4
F5 BIG-IP Analytics	=17.1.0
f5 big-ip application acceleration manager	>=15.1.0<15.1.9
f5 big-ip application acceleration manager	>=16.1.0<16.1.4
f5 big-ip application acceleration manager	=17.1.0
F5 BIG-IP Application Security Manager	>=15.1.0<15.1.9
F5 BIG-IP Application Security Manager	>=16.1.0<16.1.4
F5 BIG-IP Application Security Manager	=17.1.0
f5 big-ip domain name system	>=15.1.0<15.1.9
f5 big-ip domain name system	>=16.1.0<16.1.4
f5 big-ip domain name system	=17.1.0
f5 big-ip fraud protection service	>=15.1.0<15.1.9
f5 big-ip fraud protection service	>=16.1.0<16.1.4
f5 big-ip fraud protection service	=17.1.0
F5 BIG-IP Global Traffic Manager	>=15.1.0<15.1.9
F5 BIG-IP Global Traffic Manager	>=16.1.0<16.1.4
F5 BIG-IP Global Traffic Manager	=17.1.0
f5 big-ip link controller	>=15.1.0<15.1.9
f5 big-ip link controller	>=16.1.0<16.1.4
f5 big-ip link controller	=17.1.0
F5 BIG-IP Local Traffic Manager	>=15.1.0<15.1.9
F5 BIG-IP Local Traffic Manager	>=16.1.0<16.1.4
F5 BIG-IP Local Traffic Manager	=17.1.0
F5 BIG-IP Policy Enforcement Manager	>=15.1.0<15.1.9
F5 BIG-IP Policy Enforcement Manager	>=16.1.0<16.1.4
F5 BIG-IP Policy Enforcement Manager	=17.1.0

Never miss a vulnerability like this again

Reference Links

https://my.f5.com/manage/s/article/K000137333

Frequently Asked Questions

What is the severity of CVE-2024-24775?
The severity of CVE-2024-24775 is currently not disclosed, but it may impact the availability of the affected systems.
How do I fix CVE-2024-24775?
To resolve CVE-2024-24775, you must upgrade your F5 BIG-IP devices to a fixed version listed in the remedy section of the vulnerability details.
Which F5 BIG-IP versions are affected by CVE-2024-24775?
CVE-2024-24775 affects F5 BIG-IP versions 15.1.0 to 15.1.9, 16.1.0 to 16.1.4, and 17.1.0.
What products are impacted by CVE-2024-24775?
Products impacted by CVE-2024-24775 include F5 BIG-IP, BIG-IP Access Policy Manager, and BIG-IP Advanced Firewall Manager among others.
What type of issue is CVE-2024-24775?
CVE-2024-24775 is a vulnerability that can lead to the termination of the Traffic Management Microkernel (TMM) due to undisclosed traffic.

agent/weakness
agent/title
agent/references
agent/type
agent/author
collector/epss-latest
source/FIRST
agent/epss
agent/severity
agent/softwarecombine
agent/first-publish-date
agent/event
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
collector/f5-advisory
source/F5
alias/CVE-2024-24775
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/tags
collector/nvd-api
source/NVD
vendor/f5
canonical/f5 big-ip
version/f5 big-ip/17.1.0
version/f5 big-ip/16.1.0
version/f5 big-ip/16.1.3
version/f5 big-ip/15.1.0
version/f5 big-ip/15.1.9
canonical/f5 big-ip access policy manager
version/f5 big-ip access policy manager/15.1.0
version/f5 big-ip access policy manager/16.1.0
version/f5 big-ip access policy manager/17.1.0
canonical/f5 big-iq centralized management
version/f5 big-iq centralized management/8.0.0
version/f5 big-iq centralized management/8.3.0
canonical/f5 big-ip advanced firewall manager
version/f5 big-ip advanced firewall manager/15.1.0
version/f5 big-ip advanced firewall manager/16.1.0
version/f5 big-ip advanced firewall manager/17.1.0
canonical/f5 big-ip analytics
version/f5 big-ip analytics/15.1.0
version/f5 big-ip analytics/16.1.0
version/f5 big-ip analytics/17.1.0
canonical/f5 big-ip application acceleration manager
version/f5 big-ip application acceleration manager/15.1.0
version/f5 big-ip application acceleration manager/16.1.0
version/f5 big-ip application acceleration manager/17.1.0
canonical/f5 big-ip application security manager
version/f5 big-ip application security manager/15.1.0
version/f5 big-ip application security manager/16.1.0
version/f5 big-ip application security manager/17.1.0
canonical/f5 big-ip domain name system
version/f5 big-ip domain name system/15.1.0
version/f5 big-ip domain name system/16.1.0
version/f5 big-ip domain name system/17.1.0
canonical/f5 big-ip fraud protection service
version/f5 big-ip fraud protection service/15.1.0
version/f5 big-ip fraud protection service/16.1.0
version/f5 big-ip fraud protection service/17.1.0
canonical/f5 big-ip global traffic manager
version/f5 big-ip global traffic manager/15.1.0
version/f5 big-ip global traffic manager/16.1.0
version/f5 big-ip global traffic manager/17.1.0
canonical/f5 big-ip link controller
version/f5 big-ip link controller/15.1.0
version/f5 big-ip link controller/16.1.0
version/f5 big-ip link controller/17.1.0
canonical/f5 big-ip local traffic manager
version/f5 big-ip local traffic manager/15.1.0
version/f5 big-ip local traffic manager/16.1.0
version/f5 big-ip local traffic manager/17.1.0
canonical/f5 big-ip policy enforcement manager
version/f5 big-ip policy enforcement manager/15.1.0
version/f5 big-ip policy enforcement manager/16.1.0
version/f5 big-ip policy enforcement manager/17.1.0

CVE-2024-24775: BIG-IP TMM vulnerability

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-24775?

How do I fix CVE-2024-24775?

Which F5 BIG-IP versions are affected by CVE-2024-24775?

What products are impacted by CVE-2024-24775?

What type of issue is CVE-2024-24775?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-24775?

How do I fix CVE-2024-24775?

Which F5 BIG-IP versions are affected by CVE-2024-24775?

What products are impacted by CVE-2024-24775?

What type of issue is CVE-2024-24775?