
CVE-2023-46748 Report - Details, Severity, & Advisories

Twingate Team

Jul 12, 2024

What is CVE-2023-46748?

CVE-2023-46748 is a high-severity (CVSS v3.1 8.8) authenticated SQL injection vulnerability in the BIG-IP Configuration utility, the web management interface of F5 BIG-IP. An attacker who can reach the Configuration utility through the BIG-IP management port or a self IP address, and who holds valid credentials for it, can inject into a backend database query and use that foothold to execute arbitrary system commands on the appliance. The flaw lives in the shared management plane rather than in any one traffic module, so every BIG-IP module that ships the utility is exposed. The authentication requirement offers little comfort in practice: CVE-2023-46747, an authentication bypass in the same utility disclosed on the same day, has been chained with this bug in the wild to turn it into unauthenticated remote code execution. The practical risk is therefore exposure of the Configuration utility itself, and organizations should act on that promptly.

Who is impacted by this?

F5's advisory lists BIG-IP (all modules) as affected, which is why the NVD configuration enumerates each module separately: Access Policy Manager, Advanced Firewall Manager, Carrier-Grade NAT, DDoS Hybrid Defender, SSL Orchestrator, Local Traffic Manager, Policy Enforcement Manager, Automation Toolchain, Container Ingress Services, Advanced Web Application Firewall, Domain Name System, Fraud Protection Services, Global Traffic Manager, Link Controller, WebAccelerator, and WebSafe. The vulnerable version ranges are the same for every module and are defined per branch: 17.1.0 through 17.1.1, 16.1.0 through 16.1.4, 15.1.0 through 15.1.10, 14.1.0 through 14.1.5, and 13.1.0 through 13.1.5. Branches that have reached End of Technical Support (12.x and earlier) were not evaluated by F5 and should be treated as unknown rather than safe.
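Because the ranges are per branch and the fixes are point releases (plus an engineering hotfix on 17.x), a naive "is it below 17.1.1?" check gets the answer wrong. The triage script below is an added example, not F5 tooling: it parses the Version field of `tmsh show sys version` and labels the build against the published ranges. The vulnerable ranges are the ones on this page; the fixed-release numbers are as read from F5's advisory K000137365 and are an assumption to re-confirm against the current advisory, and the sample tmsh output is constructed, not captured from a real device.

```python
"""Triage a BIG-IP version string against the CVE-2023-46748 ranges.

Added example, not F5 tooling. Feed it the "Version" field of
`tmsh show sys version` (e.g. "16.1.3.1"); it returns a label telling you
where that build sits relative to the published vulnerable ranges.
"""
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]

# Per branch: (first vulnerable, last vulnerable, first fixed release).
# The vulnerable ranges are the ones F5 published for this CVE. The fixed
# releases are as read from F5's advisory K000137365 and are an assumption
# to re-confirm against the current advisory before relying on them.
# 17.x is fixed only by an engineering hotfix on 17.1.0.3, which a bare
# version string cannot reveal, so that branch has no fixed release here.
RANGES: Dict[Tuple[int, int], Tuple[Version, Version, Optional[Version]]] = {
    (17, 1): ((17, 1, 0), (17, 1, 1), None),
    (16, 1): ((16, 1, 0), (16, 1, 4), (16, 1, 4, 1)),
    (15, 1): ((15, 1, 0), (15, 1, 10), (15, 1, 10, 2)),
    (14, 1): ((14, 1, 0), (14, 1, 5), (14, 1, 5, 6)),
    (13, 1): ((13, 1, 0), (13, 1, 5), (13, 1, 5, 1)),
}

# Constructed sample of `tmsh show sys version` output (not a real device).
SAMPLE_TMSH_OUTPUT = """\
Sys::Version
Main Package
  Product     BIG-IP
  Version     16.1.3.1
  Build       0.0.11
  Edition     Point Release 1
"""


def parse_version(text: str) -> Version:
    """'16.1.3.1' -> (16, 1, 3, 1); rejects anything that is not x.y.z[.w]."""
    m = re.fullmatch(r"\s*(\d+(?:\.\d+){2,3})\s*", text)
    if not m:
        raise ValueError(f"not a BIG-IP version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def version_from_tmsh(output: str) -> str:
    """Extract the Version field from `tmsh show sys version` output."""
    for line in output.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "Version":
            return parts[1]
    raise ValueError("no Version line in tmsh output")


def classify(version: str) -> str:
    """Label a version relative to the published ranges.

    'fixed'                    at or past the branch's fixed release
    'vulnerable'               inside the published vulnerable range
    'vulnerable-unless-hotfix' 17.x inside the range; only the hotfix fixes it
    'outside-range'            evaluated branch, but not in the listed range
    'not-evaluated'            branch F5 did not evaluate (EoTS, e.g. 12.x);
                               treat as unknown, not as safe
    """
    v = parse_version(version)
    branch = v[:2]
    if branch not in RANGES:
        return "not-evaluated"
    first, last, fixed = RANGES[branch]
    if fixed is not None and v >= fixed:
        return "fixed"
    # A point release below the fix (a hypothetical 15.1.10.1, say) is still
    # inside the range: compare on the first three components only.
    if first <= v[:3] <= last:
        return "vulnerable" if fixed is not None else "vulnerable-unless-hotfix"
    return "outside-range"


def triage(outputs: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """(hostname, version, label) for a dict of hostname -> tmsh output."""
    return [(host, version_from_tmsh(out), classify(version_from_tmsh(out)))
            for host, out in outputs.items()]


if __name__ == "__main__":
    for host, ver, label in triage({"bigip-lab-1": SAMPLE_TMSH_OUTPUT}):
        print(f"{host}: {ver} -> {label}")
```

The tuple comparison does the real work: a three-component version such as 16.1.4 sorts below the four-component fix 16.1.4.1, while 16.1.5 sorts above it, so "fixed" is decided on the full string and "vulnerable" on the branch range. For 17.x the script deliberately refuses to say "fixed", because the hotfix leaves the version string unchanged and has to be verified on the device.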

What to do if CVE-2023-46748 affected you

If you run an affected version, treat this as an actively exploited bug and act in this order. First, confirm the running version (tmsh show sys version) against the affected ranges and upgrade to a fixed release, or apply the engineering hotfix F5 published for 17.x; that is the only complete remediation. Second, until the upgrade lands, cut the attack surface: restrict the Configuration utility to trusted networks on the management interface, and set Port Lockdown on every self IP to Allow None (or Allow Custom without the utility's port), so that neither the management port nor any self IP exposes it. Third, because exploitation was observed in the wild before many systems were patched, check for compromise rather than assuming the fix arrived in time: review the Configuration utility's Tomcat log (/var/log/tomcat/catalina.out) for the indicators F5 published, and if you find them treat the device as compromised and rebuild it, since an attacker with command execution on the management plane can persist through a simple patch. Finally, fold the lesson into vulnerability management: track CISA's Known Exploited Vulnerabilities catalog and prioritize its entries ahead of severity score alone.
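The compromise check is the step most often skipped, so here is an added example of it (not F5's own tooling) that scans a catalina.out file for the exploitation trace. The pattern is modelled on the entries F5's advisory describes for successful exploitation: the Configuration utility's SQL layer logs a failed query, then a non-interactive shell is spawned and the attacker's command is echoed at its prompt. The exact strings are an assumption to confirm against the current advisory, and the sample log is constructed, not taken from a device; the query text in it is redacted on purpose because the point is recognising the trace, not reproducing the injection.

```python
"""Scan BIG-IP /var/log/tomcat/catalina.out for CVE-2023-46748 indicators.

Added example, not F5's own tooling. The indicator strings below are an
assumption modelled on F5's advisory; confirm them against the current
advisory text before relying on this in an investigation.
"""
import re
from typing import Dict, List

SQL_ERROR = re.compile(r"java\.sql\.SQLException: Failed to execute query")
NO_JOB_CONTROL = re.compile(r"sh: no job control in this shell")
SHELL_PROMPT = re.compile(r"^sh-\d+\.\d+\$ (?P<cmd>.*)$")
WINDOW = 20  # lines after a failed query in which to look for shell activity

# Constructed sample log, not captured from a real device. The query text
# is redacted deliberately.
SAMPLE_CATALINA_OUT = """\
Oct 26, 2023 10:14:03 AM org.apache.catalina.core.StandardService startInternal
INFO: Starting service [Catalina]
java.sql.SQLException: Failed to execute query, [select ... where name='REDACTED']
sh: no job control in this shell
sh-4.2$ id
sh-4.2$ exit
Oct 26, 2023 10:20:11 AM org.apache.catalina.core.StandardService startInternal
java.sql.SQLException: Failed to execute query, [select ... where name='REDACTED']
"""


def scan_catalina(text: str) -> List[Dict]:
    """Return one finding per failed-query line.

    severity 'high': a shell was spawned, or a prompt with a command appeared,
                     within WINDOW lines of the failed query: exploitation.
    severity 'low':  failed query alone: worth a look (a failed injection
                     attempt, or a legitimate bug), but not proof of anything.
    """
    lines = text.splitlines()
    findings: List[Dict] = []
    for idx, line in enumerate(lines):
        if not SQL_ERROR.search(line):
            continue
        window = lines[idx + 1 : idx + 1 + WINDOW]
        spawned = any(NO_JOB_CONTROL.search(w) for w in window)
        commands = []
        for w in window:
            m = SHELL_PROMPT.match(w)
            if m and m.group("cmd").strip() != "exit":
                commands.append(m.group("cmd").strip())
        findings.append({
            "line": idx + 1,                      # 1-based, for grep -n
            "severity": "high" if (spawned or commands) else "low",
            "commands": commands,                 # what the attacker ran
        })
    return findings


def worst_severity(findings: List[Dict]) -> str:
    """'high' if any finding is high, 'low' if any exist, else 'none'."""
    if any(f["severity"] == "high" for f in findings):
        return "high"
    return "low" if findings else "none"


if __name__ == "__main__":
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CATALINA_OUT
    for f in scan_catalina(text):
        print(f"line {f['line']}: {f['severity']}  commands={f['commands']}")
    print("verdict:", worst_severity(scan_catalina(text)))
```

Run it against a copy of the log pulled off the device (python3 scan.py catalina.out); copy the log before touching anything else so the evidence survives. The two-tier severity matters: a lone failed query tells you someone may have tried, while the shell spawn immediately after it tells you the injection reached command execution, and the echoed command is your first indication of what they did next.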

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

Yes. CVE-2023-46748 is listed in CISA's Known Exploited Vulnerabilities Catalog under the name "F5 BIG-IP Configuration Utility SQL Injection Vulnerability". It was added on October 31, 2023, the same day as the companion entry for CVE-2023-46747, with a required-action due date of November 21, 2023 for US federal civilian agencies under BOD 22-01. The required action is the standard one: apply mitigations per vendor instructions, or discontinue use of the product if mitigations are unavailable.

Weakness Enumeration

The vulnerability is classified as CWE-89, Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection"): the Configuration utility builds a database query from attacker-controlled input without neutralizing SQL metacharacters, and that injected query is the foothold the attacker turns into system command execution.

Learn More

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, visit the National Vulnerability Database page or refer to the sources below:
