Vulnerabilities > CVE-2024-39792 - Operation on a Resource after Expiration or Release vulnerability in F5 Nginx Plus R30/R31/R32

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

CWE-672

NVD

Published: 2024-08-14

Updated: 2024-08-19

Summary

When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Vulnerable Configurations

Part	Description	Count
Application	F5 F5 Nginx Plus R30 F5 Nginx Plus R31 F5 Nginx Plus R32	6

Common Weakness Enumeration (CWE)

CWE-672 - Operation on a Resource after Expiration or Release

References

https://my.f5.com/manage/s/article/K000140108