F5-K000133111
First published: Wed Feb 14 2024(Updated: )
When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 F5OS | =1.2.0 | 1.3.0 |
| F5 F5OS | >=1.3.0<=1.5.1 | 1.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of F5-K000133111?
The severity of F5-K000133111 is critical due to the potential for unauthorized access.
How do I fix F5-K000133111?
To fix F5-K000133111, upgrade to F5OS-A version 1.3.0 or later, or F5OS-C version 1.6.0 or later.
What vulnerabilities are related to F5-K000133111?
F5-K000133111 specifically involves incorrect authorization of remote users in LDAP authentication settings.
Who is affected by F5-K000133111?
Users of F5OS-A version 1.2.0 and F5OS-C versions between 1.3.0 and 1.5.1 are affected by F5-K000133111.
What are the implications of F5-K000133111?
The implications of F5-K000133111 include unauthorized access to resources by users without assigned roles.
- agent/references
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/event
- agent/type
- agent/description
- agent/softwarecombine
- agent/source
- agent/tags
- collector/f5-advisory
- source/F5
- alias/CVE-2024-24966
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/f5
- canonical/f5 f5os
- version/f5 f5os/1.2.0
- version/f5 f5os/1.3.0
- version/f5 f5os/1.5.1