Lucene search
HistoryMay 08, 2024 - 3:15 p.m.
CVE-2024-21793
odata injection
big-ip
api
uri
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
9.1%
An OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
Related
nessus
nessus
F5 BIG-IP Next Central Manager 20.0.1 < 20.2.0 OData Injection (K000138732)
2024-05-09 00:00:00
F5 BIG-IP Next Central Manager < 20.2.0 SQLi (K000138732) (Direct Check)
2024-05-14 00:00:00
githubexploit
githubexploit
Exploit for CVE-2024-21793
2024-05-09 02:31:13
cvelist
cvelist
CVE-2024-21793 BIG-IP Central Manager OData Injection Vulnerability
2024-05-08 15:01:28
f5
f5
K000138732 : BIG-IP Next Central Manager OData Injection vulnerability CVE-2024-21793
2024-05-08 00:00:00
K000139404 : Quarterly Security Notification (May 2024)
2024-05-08 00:00:00
cve
cve
CVE-2024-21793
2024-05-08 15:15:07
wallarmlab
wallarmlab
thn
thn
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
9.1%
Related for NVD:CVE-2024-21793