COOEY // HUBcompliance · community · intelligence

FAIL › dossier

BIG-IP Configuration Utility product

2
failure events
0
zero-days
0
RCEs
2
on KEV
1
critical
80
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 2 events

DateEventSevFlagsShameSummary
2023-10-31 CVE-2023-46747 critical ⌖KEV 80 F5 BIG-IP Configuration utility contains an authentication bypass using an alternate path or channel vulnerability due to undisclosed requests that may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses
2023-10-31 CVE-2023-46748 high ⌖KEV 50 F5 BIG-IP Configuration utility contains an SQL injection vulnerability that may allow an authenticated attacker with network access through the BIG-IP management port and/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023