CVE Vulnerabilities

CVE-2024-23308

NULL Pointer Dereference

Published: Feb 14, 2024 | Modified: Feb 14, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed URL with Apply value and content signatures and detect threat campaigns.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Potential Mitigations

References