Forum Discussion
THE_BLUE
Cirrostratus
CirrostratusBIG-IP HSB vulnerability CVE-2024-39778
When a stateless virtual server is configured on a BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause virtual servers to stop processing client connections and the Traffic M...
an easy search turns this article up for a stateless virtual server:
https://my.f5.com/manage/s/article/K13675
so , i am vulnerable if i meet the two condition? system with a High-Speed Bridge (HSB) and stateless virtual server ? otherwise I am good?
correct.
Yes, you are correct, and you need to be vulnerable if both the condition matches. Also there are new vulnerabilities relating old version. You can try to proceed with latest versions in 17.x to get more stable and vulnerability fixed version.
THE_BLUECirrostratus
Cirrostratusso let say Hsb is there, but in cve description they have mentioned "When a stateless virtual server is configured on a BIG-IP system with a High-Speed Bridge (HSB), " what they mean by stateless virtual server ? and does this mean if there no stateless virtual server is configured i am not vulnerable ?
so , i am vulnerable if i meet the two condition? system with a High-Speed Bridge (HSB) and stateless virtual server ? otherwise I am good?
boneyardMVP
an easy search turns this article up for a stateless virtual server:
https://my.f5.com/manage/s/article/K13675
so , i am vulnerable if i meet the two condition? system with a High-Speed Bridge (HSB) and stateless virtual server ? otherwise I am good?
correct.
- Aswin_mk
Cumulonimbus
Yes, you are correct, and you need to be vulnerable if both the condition matches. Also there are new vulnerabilities relating old version. You can try to proceed with latest versions in 17.x to get more stable and vulnerability fixed version.