The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2.2 / 17.5.0. It is, therefore, affected by multiple vulnerabilities as referenced in the K000140620 advisory.

    CVE-2024-38474Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows     attacker to execute scripts in directories permitted by the configuration but not directly reachable by     any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to     upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely     will now fail unless rewrite flag UnsafeAllow3F is specified.CVE-2024-38475Improper escaping of output     in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem     locations that are permitted to be served by the server but are not intentionally/directly reachable by     any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a     backreferences or variables as the first segment of the substitution are affected. Some unsafe RewiteRules     will be broken by this change and the rewrite flag UnsafePrefixStat can be used to opt back in once     ensuring the substitution is appropriately constrained.

Tenable has extracted the preceding description block directly from the F5 Networks BIG-IP security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

F5 Networks BIG-IP : Apache HTTPD vulnerabilities (K000140620)

critical Nessus Plugin ID 205621

Version 1.9