VDB
CVE-2024-22093
CVE-2024-22093
PUBLISHED
Es bestehen mehrere Schwachstellen in F5 BIG-IP. Diese Fehler bestehen neben der iControl REST API auch im iControl REST-Endpunkt und in den iAppsLX-Vorlagen aufgrund einer Befehlsinjektion, einer unsachgemäßen Berechtigungsvergabe und eines unzureichenden Sitzungsablaufs. Ein Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen.
EPSS 0.32% · 55.5th percentile
Risk Scores
EPSS Score
0.32%
55.5th percentile
Timeline
- Feb 14, 2024 CVE Published
- Feb 15, 2024 EPSS Score
- Mar 13, 2024 EPSS Score
- May 6, 2024 EPSS Score
- Jun 2, 2024 EPSS Score
- Jun 29, 2024 EPSS Score
- Jul 26, 2024 EPSS Score
- Sep 18, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 15, 2024 EPSS Score
- Nov 11, 2024 EPSS Score
- Dec 9, 2024 EPSS Score
References
- https://my.f5.com/manage/s/article/K000135946 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0392.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0392 advisory
- https://my.f5.com/manage/s/article/K000138353 advisory
- https://my.f5.com/manage/s/article/K000137522 advisory
- https://my.f5.com/manage/s/article/K000134516 advisory
- https://my.f5.com/manage/s/article/K000137334 advisory
- https://my.f5.com/manage/s/article/K000137416 advisory
- https://my.f5.com/manage/s/article/K000137521 advisory
- https://my.f5.com/manage/s/article/K000137595 advisory
- https://my.f5.com/manage/s/article/K000137675 advisory
- https://my.f5.com/manage/s/article/K32544615 advisory
- https://my.f5.com/manage/s/article/K98606833 advisory
- https://my.f5.com/manage/s/article/K91054692 advisory
- https://my.f5.com/manage/s/article/K000137886 advisory
- https://my.f5.com/manage/s/article/K000138047 advisory