VDB

CVE-2023-45226

CVE-2023-45226 PUBLISHED CVSS 7.400000095367432 HIGH

The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those containers. This is only exposed when ssh debug is enabled.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

EPSS 0.57% · 69.1th percentile

Risk Scores

CVSS 3.1
7.400000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
0.57%
69.1th percentile

Affected Products

VendorProductVersions
f5big-ip_next_service_proxy_for_kubernetes1.5.0
F5BIG-IP Next SPK1.5.0

Exploit Intelligence

Timeline

  • Oct 10, 2023 CVE Published
  • Oct 10, 2023 PoC Published
  • Oct 11, 2023 EPSS Score
  • Nov 11, 2023 EPSS Score
  • Dec 13, 2023 EPSS Score
  • Jan 13, 2024 EPSS Score
  • Feb 14, 2024 EPSS Score
  • Mar 16, 2024 EPSS Score
  • Apr 17, 2024 EPSS Score
  • May 18, 2024 EPSS Score
  • Jun 19, 2024 EPSS Score
  • Jul 20, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›