{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-21T19:08:24.407","vulnerabilities":[{"cve":{"id":"CVE-2024-23976","sourceIdentifier":"f5sirt@f5.com","published":"2024-02-14T17:15:14.273","lastModified":"2026-06-17T07:13:59.193","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance\nmode restrictions utilizing iAppsLX templates on a BIG-IP system.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"},{"lang":"es","value":"Cuando se ejecuta en modo Dispositivo, un atacante autenticado al que se le haya asignado la función de Administrador puede eludir las restricciones del modo Dispositivo utilizando plantillas iAppsLX en un sistema BIG-IP. Nota: Las versiones de software que han llegado al final del soporte técnico (EoTS) no se evalúan"}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["Appliance Mode"],"versions":[{"version":"17.1.0","lessThan":"17.1.1","versionType":"custom","status":"affected"},{"version":"16.1.0 ","lessThan":"16.1.4","versionType":"custom","status":"affected"},{"version":"15.1.0 ","lessThan":"15.1.9","versionType":"custom","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"f5","product":"big-ip","defaultStatus":"unknown","cpes":["cpe:2.3:a:f5:big-ip:-:*:*:*:*:*:*:*"],"versions":[{"version":"17.1.0","lessThan":"17.1.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"16.1.4","versionType":"custom","status":"affected"},{"version":"15.1.0","lessThan":"15.1.9","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-02-15T16:29:49.640013Z","id":"CVE-2024-23976","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.9","matchCriteriaId":"F11226F6-9080-4126-ACBD-7211A2746214"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.4","matchCriteriaId":"A8F16422-A642-4614-96F2-E5B4877E8206"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*","matchCriteriaId":"0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndIncluding":"8.3.0","matchCriteriaId":"1B4F2DBC-4DA1-42D8-9BD9-2EAADA27CCDE"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.9","matchCriteriaId":"6DD4CF11-44E9-4596-9397-AF7DBD81277B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.4","matchCriteriaId":"DE979976-11C7-4AFF-8BE4-A094CC9C39CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*","matchCriteriaId":"1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.9","matchCriteriaId":"16795277-E8E2-4713-BD65-207655546649"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.4","matchCriteriaId":"0835E39B-F21E-4231-A4B9-5D511FF1B87A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*","matchCriteriaId":"59203EBF-C52A-45A1-B8DF-00E17E3EFB51"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.9","matchCriteriaId":"F005EFFD-3A40-4762-B0D6-8760C406130F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.4","matchCriteriaId":"8705476E-A246-4B57-A0E1-FD626C1B0DE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*","matchCriteriaId":"5C698C1C-A3DD-46E2-B05A-12F2604E7F85"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.9","matchCriteriaId":"8D82BCD8-136A-476C-AC86-710CA8B32EB7"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.4","matchCriteriaId":"377DE308-CF91-488A-B296-30A3B09451D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*","matchCriteriaId":"87670A74-34FE-45DF-A725-25B804C845B3"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.9","matchCriteriaId":"C0FE692A-CD63-4354-B599-2F47EEEFDD37"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.4","matchCriteriaId":"B2F02EC0-E6C2-4E00-9804-043982D88BCE"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*","matchCriteriaId":"84D00768-E71B-4FF7-A7BF-F2C8CFBC900D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.9","matchCriteriaId":"E4958167-AB1F-4458-A06B-1B2DA313EEBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.4","matchCriteriaId":"D982C3E6-43DE-4AA8-889F-044E70C7FCB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*","matchCriteriaId":"ABBD10E8-6054-408F-9687-B9BF6375CA09"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.9","matchCriteriaId":"944B8F9C-E5C6-4DA8-BF2B-1C0B6A388BC4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.4","matchCriteriaId":"7DB6C626-BA78-4C06-8582-BFFCDF957429"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*","matchCriteriaId":"83794B04-87E2-4CA9-81F5-BB820D0F5395"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.9","matchCriteriaId":"DCFAFFAC-000C-414D-83CF-B8B2C529D9CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.4","matchCriteriaId":"E68BFC75-6977-4644-A169-48263B896849"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*","matchCriteriaId":"0A6E7035-3299-474F-8F67-945EA9A059D0"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.9","matchCriteriaId":"672067B7-C838-4F0B-B3D0-E85F71715B0A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.4","matchCriteriaId":"A4C17D18-1172-4396-9099-F1F5EAEACE5A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*","matchCriteriaId":"56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.9","matchCriteriaId":"1871634A-7609-4D01-8469-3D86F36DC19D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.4","matchCriteriaId":"603324D6-FE7A-4209-B92B-94EF09AB5FF2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*","matchCriteriaId":"667EB77B-DA13-4BA4-9371-EE3F3A109F38"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K91054692","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"https://my.f5.com/manage/s/article/K91054692","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}