Vulnerabilities > F5 > BIG IP Advanced WEB Application Firewall > 17.1.1

DATE CVE VULNERABILITY TITLE RISK
2024-02-14 CVE-2024-21789 Missing Release of Resource after Effective Lifetime vulnerability in F5 products
When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
network
low complexity
f5 CWE-772
7.5
2024-02-14 CVE-2024-23308 NULL Pointer Dereference vulnerability in F5 products
When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate.
network
low complexity
f5 CWE-476
7.5