Security Advisory Description On February 14, 2024, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. You can watch the February 2024 Quarterly Security Notification briefing by DevCentral in the following video: High CVEs Medium CVEs Low CVEs Security Exposures High CVEs Article (CVE)| CVSS score| Affected products| Affected versions1| Fixes introduced in —|—|—|—|— K000137522: BIG-IP iControl REST vulnerability CVE-2024-22093| 8.7| BIG-IP (all modules)| 17.1.0 16.1.0 – 16.1.3 15.1.0 – 15.1.8| 17.1.1 16.1.4 15.1.9 K000134516: BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability CVE-2024-23979| 7.5| BIG-IP (all modules)| 17.1.0 16.1.0 – 16.1.3 15.1.0 – 15.1.8| 17.1.1 16.1.4 15.1.9 K000135873: BIG-IP Websockets vulnerability CVE-2024-21849| 7.5| BIG-IP (Advanced WAF/ASM)| 16.1.0 – 16.1.3| 17.1.0 16.1.4 K000135946: BIG-IP PEM vulnerability CVE-2024-23982| 7.5| BIG-IP (PEM)| 17.1.0 – 17.1.12 16.1.0 – 16.1.42 15.1.0 – 15.1.102| None2 K000137270: BIG-IP Advanced WAF and BIG-IP ASM and vulnerability CVE-2024-21789| 7.5| BIG-IP (Advanced WAF/ASM)| 17.1.0| 17.1.1 K000137333: BIG-IP TMM vulnerability CVE-2024-24775| 7.5| BIG-IP (all modules)| 17.1.0 16.1.0 – 16.1.3 15.1.0 – 15.1.9| 17.1.1 16.1.4 15.1.10 K000137334: F5 Application…Read More