HTTP response splitting in BIG-IP configuration utility



Risk Medium
Patch available NO
Number of vulnerabilities 1
CVE-ID CVE-2024-24795
CWE-ID CWE-113
Exploitation vector Network
Public exploit N/A
Vulnerable software
 BIG-IP
Hardware solutions / Firmware

Vendor F5 Networks

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) HTTP response splitting

EUVDB-ID: #VU88152

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-24795

CWE-ID: CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform HTTP splitting attacks.

The vulnerability exists due to software does not correctly process CRLF character sequences in multiple modules. A remote attacker can inject malicious response headers into backend applications and perform an HTTP desynchronization attack.

Successful exploitation of the vulnerability may allow an attacker perform cache poisoning attack.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

BIG-IP: 15.0.0 - 17.1.2

CPE2.3 External links

http://my.f5.com/manage/s/article/K000139447


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###