F5-K000138634
First published: Wed May 08 2024(Updated: )
BIG-IP Next Central Manager may allow an unauthenticated, remote attacker to obtain BIG-IP Next LTM/WAF instance credentials.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 BIG-IP Next Central Manager | >=20.0.1<=20.0.2 | 20.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of F5-K000138634?
The severity of F5-K000138634 is critical due to the potential for unauthorized access to sensitive credentials.
How do I fix F5-K000138634?
To mitigate F5-K000138634, upgrade to the latest version of F5 BIG-IP Next Central Manager that is not vulnerable.
What versions are affected by F5-K000138634?
F5-K000138634 affects versions 20.0.1 to 20.1.0 of F5 BIG-IP Next Central Manager.
Who is at risk from the F5-K000138634 vulnerability?
Any organization using vulnerable versions of F5 BIG-IP Next Central Manager is at risk from F5-K000138634.
What has been disclosed in F5-K000138634?
F5-K000138634 discloses that an unauthenticated, remote attacker may obtain credentials for BIG-IP Next LTM/WAF instances.
- agent/references
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/event
- agent/type
- agent/description
- collector/f5-advisory
- source/F5
- alias/CVE-2024-32049
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- agent/source
- vendor/f5
- canonical/f5 big-ip next central manager
- version/f5 big-ip next central manager/20.0.1
- version/f5 big-ip next central manager/20.0.2