| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.9 | $0-$5k | 0.00 |
Summary
A vulnerability was found in F5 NGINX Plus and NGINX Open Source. It has been classified as critical. Affected by this issue is some unknown functionality of the component QUIC Module. Performing a manipulation results in use after free. This vulnerability is identified as CVE-2024-24990. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.
Details
A vulnerability classified as critical has been found in F5 NGINX Plus and NGINX Open Source (Web Server) (unknown version). This affects an unknown code block of the component QUIC Module. The manipulation with an unknown input leads to a use after free vulnerability. CWE is classifying the issue as CWE-416. Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code. This is going to have an impact on availability. The summary by CVE is:
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html . Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
The weakness was released 02/14/2024 as K000138445. The advisory is shared at my.f5.com. This vulnerability is uniquely identified as CVE-2024-24990 since 02/02/2024. Neither technical details nor an exploit are publicly available.
The vulnerability scanner Nessus provides a plugin with the ID 316964 (Tenable Sensor Proxy < 1.4.0 Multiple Vulnerabilities (TNS-2026-15)), which helps to determine the existence of the flaw in a target environment.
Upgrading eliminates this vulnerability.
The vulnerability is also documented in the vulnerability database at Tenable (316964). Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Type
Vendor
Name
License
Website
- Vendor: https://f5.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.0VulDB Meta Temp Score: 6.9
VulDB Base Score: 5.9
VulDB Temp Score: 5.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 7.5
NVD Vector: 🔍
CNA Base Score: 7.5
CNA Vector (F5 Networks): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Use after freeCWE: CWE-416 / CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 316964
Nessus Name: Tenable Sensor Proxy < 1.4.0 Multiple Vulnerabilities (TNS-2026-15)
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Timeline
02/02/2024 🔍02/14/2024 🔍
02/14/2024 🔍
05/27/2026 🔍
Sources
Vendor: f5.comAdvisory: K000138445
Status: Confirmed
CVE: CVE-2024-24990 (🔍)
GCVE (CVE): GCVE-0-2024-24990
GCVE (VulDB): GCVE-100-253881
Entry
Created: 02/14/2024 19:20Updated: 05/27/2026 17:45
Changes: 02/14/2024 19:20 (50), 02/15/2024 11:10 (1), 06/11/2024 10:39 (15), 01/24/2025 18:09 (12), 05/27/2026 17:45 (2)
Complete: 🔍
Cache ID: 216::103
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

could you please align to the official NVD NIST cpe "f5:nginx"? There is no cpe "f5:nginx_open_source", F5 NGINX Open Source and F5 Nginx Server are the same thing. These are two different names for the same product, the free and open source web server based on the NGINX project.
We would appreciate it very much.
Best Regards,
TEAM CERT
Want to stay up to date on a daily basis?
Enable the mail alert feature now!