Lucene search
China National Vulnerability DatabaseCNVD-2023-75602HistoryOct 11, 2023 - 12:00 a.m.
F5 Insufficient BIG-IP Session Expiration Vulnerability
2023-10-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
f5 big-ip
session expiration
vulnerability
configuration utility
authenticated users
management port
ip address
system commands
file manipulation
service disablement
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. F5 BIG-IP suffers from an insufficient session expiration vulnerability, which can be exploited by an attacker to reuse session cookies generated by the Configuration utility for authenticated users for a limited period of time, and accessed through the management port and/or from an IP address to execute arbitrary system commands, create or delete files, or disable services.
Related
cve
cve
CVE-2023-40537
2023-10-10 13:15:20
cvelist
cvelist
nvd
nvd
CVE-2023-40537
2023-10-10 13:15:20
nessus
nessus
prion
prion
Code injection
2023-10-10 13:15:00
f5
f5