3 matches found
F5 BIG-IP Next Central Manager 20.0.1 < 20.2.0 OData Injection (K000138732)
The version of the Big-IP Next Central Manager installed on the remote Windows host is between 20.0.1 and 20.1.0. It is, therefore, affected by an OData Injection vulnerability as referenced in the K000138732 advisory. An unauthenticated attacker can exploit this vulnerability to execute maliciou...
CVE-2024-21793
CVE-2024-21793 : An OData injection vulnerability exists in the BIG-IP Next Central Manager API. Affected: BIG-IP Next Central Manager versions 20.0.1 to 20.1.0. Impact: unauthenticated remote attackers can execute malicious SQL statements via the API, potentially bypassing authentication or exfi...
K000138732: BIG-IP Next Central Manager OData Injection vulnerability CVE-2024-21793
Security Advisory Description An OData injection vulnerability exists in the BIG-IP Next Central Manager API URI. CVE-2024-21793 Impact An unauthenticated attacker can exploit this vulnerability to execute malicious SQL statements which may allow the attacker to access but not update information...