CVE-2024-21763: 
F5 BIG-IP Advanced Firewall Manager vulnerability analysis and mitigation

A vulnerability in BIG-IP Advanced Firewall Manager (AFM) was discovered, identified as CVE-2024-21763. The vulnerability affects BIG-IP AFM when configured with NXDOMAIN attack vector and bad actor detection, where undisclosed queries can cause the Traffic Management Microkernel (TMM) to terminate. The vulnerability was disclosed on February 14, 2024, affecting versions 15.1.0-15.1.9, 16.1.0-16.1.3, and 17.1.0 of BIG-IP AFM (F5 Advisory).

The vulnerability is classified as a NULL Pointer Dereference (CWE-476) issue. It has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating that it is network accessible, requires low attack complexity, needs no privileges or user interaction, and can result in high availability impact (NVD).

When exploited, this vulnerability can cause the Traffic Management Microkernel (TMM) to terminate, resulting in a denial of service condition. This impact is particularly significant for organizations relying on BIG-IP AFM for their network security infrastructure (F5 Advisory).

F5 has released security updates to address this vulnerability. Users are advised to upgrade to the following fixed versions: 15.1.10, 16.1.4, or 17.1.1. Note that software versions which have reached End of Technical Support (EoTS) are not evaluated (ASEC).