Lucene search
K

6 matches found

CISA KEV Catalog
CISA KEV Catalog
added 2023/10/31 12:0 a.m.31 views

F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability

F5 BIG-IP Configuration utility contains an authentication bypass using an alternate path or channel vulnerability due to undisclosed requests that may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute system...

9.8CVSS7.9AI score0.96515EPSS
In wildExploits18
VulnCheck KEV
VulnCheck KEV
added 2023/10/30 12:0 a.m.2 views

VulnCheck KEV: CVE-2023-46748

F5 BIG-IP Configuration utility contains an SQL injection vulnerability that may allow an authenticated attacker with network access through the BIG-IP management port and/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023-46747...

9.8CVSS7.5AI score0.96515EPSS
Exploits18References1
Circl
Circl
added 2023/10/27 12:18 a.m.11 views

CVE-2023-46748

creationtimestamp| type| source ---|---|--- 2023-10-27 00:18:13+00:00| seen| https://t.me/cibsecurity/73014 2023-10-31 21:10:02+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-11-01 09:43:20+00:00| exploited| https://t.me/itsecnews/3578 2023-11-01 10:48:35+00:00| exploited|...

8.8CVSS7.5AI score0.04468EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2023/10/27 12:0 a.m.60 views

F5 Networks BIG-IP : Multiple Vulnerabilities (K000137353, K000137365)

The version of F5 Networks BIG-IP installed on the remote host is potentially affected by multiple vulnerabilities as referenced in the K000137353 and K000137365 advisories: - K000137353: BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747 - K000137365:...

10AI score0.96515EPSS
Exploits18References5
CVE
CVE
added 2023/10/26 8:5 p.m.366 views

CVE-2023-46748

CVE-2023-46748 is an authenticated SQL injection vulnerability in F5 BIG-IP’s Configuration utility. An attacker with network access via the BIG-IP management port and/or self IPs can execute arbitrary system commands through the vulnerable Configuration utility. Affected BIG-IP versions include ...

8.8CVSS9.2AI score0.04468EPSS
In wildExploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/10/26 12:0 a.m.31 views

CVE-2023-46748

An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands. Note: Software...

8.8CVSS9.4AI score0.04468EPSS
In wildExploits1References3
Rows per page
Query Builder