Vulnerabilities > CVE-2024-23805 - Incorrect Calculation of Buffer Size vulnerability in F5 products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

CWE-131

NVD

Published: 2024-02-14

Updated: 2025-01-23

Summary

Undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and the DB variables avr.IncludeServerInURI or avr.CollectOnlyHostnameFromURI are enabled. For BIG-IP Advanced WAF and ASM, this may occur when either a DoS or Bot Defense profile is configured on a virtual server and the DB variables avr.IncludeServerInURI or avr.CollectOnlyHostnameFromURI are enabled. Note: The DB variables avr.IncludeServerInURI and avr.CollectOnlyHostnameFromURI are not enabled by default. For more information about the HTTP Analytics profile and the Collect URLs setting, refer to K30875743: Create a new Analytics profile and attach it to your virtual servers https://my.f5.com/manage/s/article/K30875743 . Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Vulnerable Configurations

Part	Description	Count
Application	F5 F5 BIG IP Advanced WEB Application Firewall 17.1.0 F5 BIG IP Advanced WEB Application Firewall 16.1.0 F5 BIG IP Advanced WEB Application Firewall 16.1.1 F5 BIG IP Advanced WEB Application Firewall 16.1.2 F5 BIG IP Advanced WEB Application Firewall 16.1.3 F5 BIG IP Advanced WEB Application Firewall 16.1.3.1 F5 BIG IP Advanced WEB Application Firewall 16.1.3.3 F5 BIG IP Advanced WEB Application Firewall 16.1.3.4 F5 BIG IP Advanced WEB Application Firewall 16.1.3.5 F5 BIG IP Advanced WEB Application Firewall 16.1.4 F5 BIG IP Advanced WEB Application Firewall 15.1.0 F5 BIG IP Advanced WEB Application Firewall 15.1.0.2 F5 BIG IP Advanced WEB Application Firewall 15.1.0.4 F5 BIG IP Advanced WEB Application Firewall 15.1.0.5 F5 BIG IP Advanced WEB Application Firewall 15.1.1 F5 BIG IP Advanced WEB Application Firewall 15.1.2 F5 BIG IP Advanced WEB Application Firewall 15.1.2.1 F5 BIG IP Advanced WEB Application Firewall 15.1.3 F5 BIG IP Advanced WEB Application Firewall 15.1.4 F5 BIG IP Advanced WEB Application Firewall 15.1.4.1 F5 BIG IP Advanced WEB Application Firewall 15.1.5 F5 BIG IP Advanced WEB Application Firewall 15.1.6 F5 BIG IP Advanced WEB Application Firewall 15.1.7 F5 BIG IP Advanced WEB Application Firewall 15.1.8 F5 BIG IP Advanced WEB Application Firewall 15.1.8.2 F5 BIG IP Advanced WEB Application Firewall 15.1.9 F5 BIG IP Advanced WEB Application Firewall 15.1.9.1 F5 BIG IP Application Security Manager 16.1.0 F5 BIG IP Application Security Manager 16.1.1 F5 BIG IP Application Security Manager 16.1.2 F5 BIG IP Application Security Manager 16.1.2.2 F5 BIG IP Application Security Manager 16.1.3 F5 BIG IP Application Security Manager 16.1.3.1 F5 BIG IP Application Security Manager 16.1.3.3 F5 BIG IP Application Security Manager 16.1.3.4 F5 BIG IP Application Security Manager 16.1.3.5 F5 BIG IP Application Security Manager 16.1.4 F5 BIG IP Application Security Manager 17.1.0 F5 BIG IP Application Security Manager 15.1.0 F5 BIG IP Application Security Manager 15.1.0.1 F5 BIG IP Application Security Manager 15.1.0.2 F5 BIG IP Application Security Manager 15.1.0.3 F5 BIG IP Application Security Manager 15.1.0.4 F5 BIG IP Application Security Manager 15.1.0.5 F5 BIG IP Application Security Manager 15.1.1 F5 BIG IP Application Security Manager 15.1.2 F5 BIG IP Application Security Manager 15.1.2.1 F5 BIG IP Application Security Manager 15.1.3 F5 BIG IP Application Security Manager 15.1.4 F5 BIG IP Application Security Manager 15.1.4.1 F5 BIG IP Application Security Manager 15.1.5 F5 BIG IP Application Security Manager 15.1.5.1 F5 BIG IP Application Security Manager 15.1.6 F5 BIG IP Application Security Manager 15.1.7 F5 BIG IP Application Security Manager 15.1.8 F5 BIG IP Application Security Manager 15.1.8.1 F5 BIG IP Application Security Manager 15.1.8.2 F5 BIG IP Application Security Manager 15.1.9 F5 BIG IP Application Security Manager 15.1.9.1 F5 BIG IP Application Security Manager 15.1.10	60

Common Weakness Enumeration (CWE)

CWE-131 - Incorrect Calculation of Buffer Size

Common Attack Pattern Enumeration and Classification (CAPEC)

Overflow Buffers
Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
Buffer Overflow via Parameter Expansion
In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

References