Big-iq Centralized Management@* Security Vulnerabilities and Issues — Big-iq Centralized Management@* CVE List

Lucene search

F5Big-iq Centralized Management*

4 matches found

CVE•added 2023/08/02 4:15 p.m.•2516 views

CVE-2023-38419

An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

4.3CVSS4.8AI score0.00164EPSS

CVE•added 2023/10/10 1:15 p.m.•71 views

CVE-2023-41964

The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

6.5CVSS5.4AI score0.00198EPSS

CVE•added 2023/10/10 1:15 p.m.•60 views

CVE-2023-43485

When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

5.5CVSS5.8AI score0.00226EPSS

CVE•added 2023/05/03 3:15 p.m.•37 views

CVE-2023-29240

An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files using an undisclosed iControl REST endpoint. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

5.4CVSS6AI score0.00094EPSS