Skip to main content

Big Ip Fraud Protection Services

2 CVEs product

Monthly

CVE-2023-46748 HIGH POC KEV THREAT This Week

An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Carrier Grade Nat Big Ip Ddos Hybrid Defender +16
NVD
CVSS 3.1
8.8
EPSS
4.5%
CVE-2023-46747 CRITICAL POC KEV EUVD KEV THREAT Emergency

Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Advanced Web Application Firewall Big Ip Carrier Grade Nat +16
NVD
CVSS 3.1
9.8
EPSS
96.5%
EPSS 4% CVSS 8.8
HIGH POC KEV THREAT This Week

An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Big Ip Access Policy Manager Big Ip Advanced Firewall Manager +18
NVD
EPSS 97% CVSS 9.8
CRITICAL POC KEV EUVD KEV THREAT Emergency

Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Big Ip Access Policy Manager Big Ip Advanced Firewall Manager +18
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy