#VU89293 Man-in-the-Middle (MitM) attack in BIG-IP Next Central Manager - CVE-2024-32049

Cybersecurity Help s.r.o.

Published: 2024-05-09

Vulnerability identifier: #VU89293

Vulnerability risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-32049

CWE-ID: CWE-300

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
BIG-IP Next Central Manager
Web applications / Remote management & hosting panels

Vendor: F5 Networks

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to insecure communication between the BIG-IP Next Central Manager and BIG-IP Next LTM/WAF instances. A remote attacker can perform MitM attack and decrypt traffic between the instances.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

BIG-IP Next Central Manager: 20.0.1 - 20.0.2

External links
https://my.f5.com/manage/s/article/K000138634

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

MitM attack in F5 BIG-IP Next Central Manager