6 matches found
F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability
F5 BIG-IP Configuration utility contains an authentication bypass using an alternate path or channel vulnerability due to undisclosed requests that may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute system...
VulnCheck KEV: CVE-2023-46748
F5 BIG-IP Configuration utility contains an SQL injection vulnerability that may allow an authenticated attacker with network access through the BIG-IP management port and/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023-46747...
CVE-2023-46748
creationtimestamp| type| source ---|---|--- 2023-10-27 00:18:13+00:00| seen| https://t.me/cibsecurity/73014 2023-10-31 21:10:02+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-11-01 09:43:20+00:00| exploited| https://t.me/itsecnews/3578 2023-11-01 10:48:35+00:00| exploited|...
F5 Networks BIG-IP : Multiple Vulnerabilities (K000137353, K000137365)
The version of F5 Networks BIG-IP installed on the remote host is potentially affected by multiple vulnerabilities as referenced in the K000137353 and K000137365 advisories: - K000137353: BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747 - K000137365:...
CVE-2023-46748
CVE-2023-46748 is an authenticated SQL injection vulnerability in F5 BIG-IP’s Configuration utility. An attacker with network access via the BIG-IP management port and/or self IPs can execute arbitrary system commands through the vulnerable Configuration utility. Affected BIG-IP versions include ...
CVE-2023-46748
An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands. Note: Software...