Forum Discussion
THE_BLUE
Cirrostratus
CirrostratusBIG-IP HSB vulnerability CVE-2024-39778
When a stateless virtual server is configured on a BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause virtual servers to stop processing client connections and the Traffic M...
an easy search turns this article up for a stateless virtual server:
https://my.f5.com/manage/s/article/K13675
so , i am vulnerable if i meet the two condition? system with a High-Speed Bridge (HSB) and stateless virtual server ? otherwise I am good?
correct.
Yes, you are correct, and you need to be vulnerable if both the condition matches. Also there are new vulnerabilities relating old version. You can try to proceed with latest versions in 17.x to get more stable and vulnerability fixed version.
Aswin_mk
Cumulonimbus
CumulonimbusYes. Hsb is not there you are not vulnerable.
Below lists the BIG-IP platforms utilizing the HSB chips:
If your device note in this it's not.
BIG-IP 5000 (C109)
BIG-IP 7000 (D110)
BIG-IP 12250 (D111)
BIG-IP 10000 (D113)
BIG-IP 10350 (D112)
BIG-IP 11000 (E101)
BIG-IP 11050 (E102)
VIPRION B4300 Blade (A108)
VIPRION B4340N Blade (A110)
VIPRION B4450N Blade (A114)
BIG-IP iSeries i4x00 (C115)
BIG-IP iSeries i10000(C116)
BIG-IP iSeries i2x00 (C117)
BIG-IP iSeries i7000 (C118)
BIG-IP iSeries i7820-DF (C126)
BIG-IP iSeries i5000 (C119)
BIG-IP iSeries i5820-DF (C125)
BIG-IP iSeries i11000 (C123)
BIG-IP iSeries i11x00-DS (C124)
BIG-IP iSeries i15000 (D116)
BIG-IP iSeries i15820-DF (D120)
VIPRION B2100 Blade (A109)
VIPRION B2150 Blade (A113)
VIPRION B2250 Blade (A112)
Br
Aswin