2023-10-29 09:06:41 +00:00
{
"id" : "CVE-2023-46748" ,
"sourceIdentifier" : "f5sirt@f5.com" ,
"published" : "2023-10-26T21:15:08.177" ,
2023-11-16 03:00:23 +00:00
"lastModified" : "2023-11-16T02:15:26.963" ,
"vulnStatus" : "Modified" ,
2023-11-07 21:03:21 +00:00
"cisaExploitAdd" : "2023-10-31" ,
"cisaActionDue" : "2023-11-21" ,
"cisaRequiredAction" : "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable." ,
"cisaVulnerabilityName" : "F5 BIG-IP Configuration Utility SQL Injection Vulnerability" ,
2023-10-29 09:06:41 +00:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which \n\nmay allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands.\n\n\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
} ,
{
"lang" : "es" ,
"value" : "Existe una vulnerabilidad de inyecci\u00f3n SQL autenticada en la utilidad de configuraci\u00f3n BIG-IP que puede permitir que un atacante autenticado con acceso de red a la utilidad de configuraci\u00f3n a trav\u00e9s del puerto de administraci\u00f3n BIG-IP y/o direcciones IP propias ejecute comandos arbitrarios del sistema. Nota: Las versiones de software que han llegado al End of Technical Support (EoTS) no se eval\u00faan"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "f5sirt@f5.com" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "HIGH" ,
"baseScore" : 8.8 ,
"baseSeverity" : "HIGH"
} ,
"exploitabilityScore" : 2.8 ,
"impactScore" : 5.9
}
]
} ,
"weaknesses" : [
{
2023-11-07 21:03:21 +00:00
"source" : "nvd@nist.gov" ,
2023-10-29 09:06:41 +00:00
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-89"
}
]
2023-11-07 21:03:21 +00:00
} ,
{
"source" : "f5sirt@f5.com" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-89"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "D93F04AD-DF14-48AB-9F13-8B2E491CF42E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "7522C760-7E07-406F-BF50-5656D5723C4F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "3A7F605E-EB10-40FB-98D6-7E3A95E310BC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "783E62F2-F867-48F1-B123-D1227C970674"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "DB629442-AB06-4552-A7A2-CAF967E47C39"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "6603ED6A-3366-4572-AFCD-B3D4B1EC7606"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "88978E38-81D3-4EFE-8525-A300B101FA69"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "0510296F-92D7-4388-AE3A-0D9799C2FC4D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "D7698D6C-B1F7-43C1-BBA6-88E956356B3D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "E1EA69BC-2AAF-4652-BD2D-95BB754880AF"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "4C9FCBCB-9CE0-49E7-85C8-69E71D211912"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "112DFA85-90AD-478D-BD70-8C7C0C074F1B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "DB704A1C-D8B7-48BB-A15A-C14DB591FE4A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "21D51D9F-2840-4DEA-A007-D20111A1745C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "C640FA3F-7AB7-4875-B01D-9DB41CEB432B"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "CAEF3EA4-7D5A-4B44-9CE3-258AEC745866"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "2FBCE2D1-9D93-415D-AB2C-2060307C305A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "8070B469-8CC4-4D2F-97D7-12D0ABB963C1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "A326597E-725D-45DE-BEF7-2ED92137B253"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "7479843E-F2D9-4815-95BC-F4223119753C"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "8A6F9699-A485-4614-8F38-5A556D31617E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "5A90F547-97A2-41EC-9FDF-25F869F0FA38"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "E76E1B82-F1DC-4366-B388-DBDF16C586A0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "660137F4-15A1-42D1-BBAC-99A1D5BB398B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "25E7DBE6-D708-4257-BA8B-90A4DB6DE1EA"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "0360F76D-E75E-4B05-A294-B47012323ED9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "7A4607BF-41AC-4E84-A110-74E085FF0445"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "441CC945-7CA3-49C0-AE10-94725301E31D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "46BA8E8A-6ED5-4FB2-8BBC-586AA031085A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "820076A8-F163-4471-8B1E-5290BD1D6D93"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "8257AA59-C14D-4EC1-B22C-DFBB92CBC297"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "37DB32BB-F4BA-4FB5-94B1-55C3F06749CF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "FFF5007E-761C-4697-8D34-C064DF0ABE8D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "910441D3-90EF-4375-B007-D51120A60AB2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "17523F89-DF78-45B7-AEAB-A4886E99E08B"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "89ADA880-7A5B-49DA-AEA4-BC19D7C41916"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "3D33AA82-3AE5-4165-9B54-8C03381D98AD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "56800E2E-119D-468B-B407-9CFACD8C00D7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "CAA278BA-B020-4BED-91DA-1CD8966512D6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "E874DD74-E654-44EE-A1A3-57D7CA772FB1"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "5D87EE02-C9AF-4824-BAB1-5F674C51D78E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "5630F852-7110-4332-95DF-2D34365BA076"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "425A5D8F-C719-459F-8FF4-FC3EFB4B6BB3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "3095B6F6-C2FF-44B2-97AA-EEF5F475A608"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "437CA326-41B9-4DBD-93B6-1FF93F5EAFCE"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "05E452AA-A520-4CBE-8767-147772B69194"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "596FC5D5-7329-4E39-841E-CAE937C02219"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "B3C7A168-F370-441E-8790-73014BCEC39F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "CF16FD01-7704-40AB-ACB2-80A883804D22"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "732CE215-90B1-444A-BBA4-3FF63D6C63DF"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "08B25AAB-A98C-4F89-9131-29E3A8C0ED23"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "ED9B976A-D3AD-4445-BF8A-067C3EBDFBB0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "98D2CE1E-DED0-470A-AA78-C78EF769C38E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "C966FABA-7199-4F0D-AB8C-4590FE9D2FFF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "375D359B-E05B-4AEC-9B39-46911847A410"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "922AA845-530A-4B4B-9976-4CBC30C8A324"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "F938EB43-8373-47EB-B269-C6DF058A9244"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "1771493E-ACAA-477F-8AB4-25DB12F6AD6E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "5E86F3D5-65A4-48CE-A6A2-736BBB88E3F8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "31C4D96A-6D71-44B5-8B94-AE9DFA93873B"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "9167FEC1-2C37-4946-9657-B4E69301FB24"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "7B4B3442-E0C0-48CD-87AD-060E15C9801E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "8FA85EC1-D91A-49DD-949B-2AF7AC813CA5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "20662BB0-4C3D-4CF0-B068-3555C65DD06C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "D64EDCAD-F658-41A9-8838-41A2913EE8B7"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "7EC2324D-EC8B-41DF-88A7-819E53AAD0FC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "9B88F9D1-B54B-40C7-A18A-26C4A071D7EC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "C8F39403-C259-4D6F-9E9A-53671017EEDB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "220F2D38-FA82-45EF-B957-7678C9FEDBC1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "33B4FE55-81A7-41F8-ADB8-B0F84C8205C4"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "C7E422F6-C4C2-43AC-B137-0997B5739030"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "CC3F710F-DBCB-4976-9719-CF063DA22377"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "4B9B76A1-7C5A-453F-A4ED-F1A81BCEBEB5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "88EDFCD9-775C-48FA-9CDA-2B04DA8D0612"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "8C61E3E7-C594-40D9-936A-19CD26B170E6"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_services:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "84D9CD72-ED25-4447-9DD5-41ED51C891E5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_services:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "00DEABFC-139A-4306-BCFA-6CE700D64327"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_services:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "958C34E5-668D-416A-99AF-2C6F042A2215"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_services:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "659376E8-FCCA-45E1-BDFB-C50117A66484"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_fraud_protection_services:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "B84C35AD-D355-4DB4-99F1-6EBA2D91F322"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "E6018B01-048C-43BB-A78D-66910ED60CA9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "3A6A5686-5A8B-45D5-9165-BC99D2CCAC47"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "5D2A121F-5BD2-4263-8ED3-1DDE25B5C306"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "DF43CD3A-2C94-4663-B5D5-0327FD3E1F3D"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "D9EC2237-117F-43BD-ADEC-516CF72E04EF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "F70D4B6F-65CF-48F4-9A07-072DFBCE53D9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "29563719-1AF2-4BB8-8CCA-A0869F87795D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "D24815DD-579A-46D1-B9F2-3BB2C56BC54D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "95C1F4F7-7533-44CE-BE4C-BF71EAFA62EA"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "1932D32D-0E4B-4BBD-816F-6D47AB2E2F04"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "D47B7691-A95B-45C0-BAB4-27E047F3C379"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "2CD1637D-0E42-4928-867A-BA0FDB6E8462"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "3A599F90-F66B-4DF0-AD7D-D234F328BD59"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "609593AD-6E6D-4B8D-B01B-EF4768E8DF10"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "13.1.0" ,
"versionEndIncluding" : "13.1.5" ,
"matchCriteriaId" : "5326759A-AFB0-4A15-B4E9-3C9A2E5DB32A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "14.1.0" ,
"versionEndIncluding" : "14.1.5" ,
"matchCriteriaId" : "57D92D05-C67D-437E-88F3-DCC3F6B0ED2F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "15.1.0" ,
"versionEndIncluding" : "15.1.10" ,
"matchCriteriaId" : "ECCB8C30-861E-4E48-A5F5-30EE523C1FB6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "16.1.0" ,
"versionEndIncluding" : "16.1.4" ,
"matchCriteriaId" : "F5FEAD2A-3A58-432E-BEBB-6E3FDE24395F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "17.1.0" ,
"versionEndIncluding" : "17.1.1" ,
"matchCriteriaId" : "2044D97E-5637-45BA-A004-A717B5E793FD"
}
]
}
]
2023-10-29 09:06:41 +00:00
}
] ,
"references" : [
{
"url" : "https://my.f5.com/manage/s/article/K000137365" ,
2023-11-07 21:03:21 +00:00
"source" : "f5sirt@f5.com" ,
"tags" : [
"Vendor Advisory"
]
2023-11-16 03:00:23 +00:00
} ,
{
"url" : "https://www.secpod.com/blog/f5-issues-warning-big-ip-vulnerability-used-in-active-exploit-chain/" ,
"source" : "f5sirt@f5.com"
2023-10-29 09:06:41 +00:00
}
]
}
