VDB

GSD-2023-46747

GSD-2023-46747 PUBLISHED CVSS 9.800000190734863 CRITICAL

Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
F5BIG-IP16.1.0, 15.1.0, 14.1.0

Timeline

  • Oct 26, 2023 CVE Published
  • Oct 31, 2023 PoC Published
  • Oct 31, 2023 PoC Published
  • Nov 2, 2023 PoC Published
  • Nov 3, 2023 PoC Published
  • Oct 15, 2024 PoC Published
  • Dec 22, 2024 PoC Published
  • Dec 24, 2024 PoC Published
  • Dec 24, 2024 PoC Published
  • Jan 31, 2025 PoC Published
  • Feb 6, 2025 PoC Published
  • Feb 23, 2025 PoC Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›