Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 30 Jul 2025 02:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'Yes', 'Exploitation': 'active', 'Technical Impact': 'Total'}, 'version': '2.0.3'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 13 Feb 2025 17:30:00 +0000

Type Values Removed Values Added
Description Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Mon, 10 Feb 2025 23:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

ssvc

{'options': {'Automatable': 'Yes', 'Exploitation': 'active', 'Technical Impact': 'Total'}, 'version': '2.0.3'}


Mon, 03 Feb 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2023-10-31'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: f5

Published:

Updated: 2025-07-30T01:37:13.346Z

Reserved: 2023-10-25T18:51:34.198Z

Link: CVE-2023-46747

cve-icon Vulnrichment

Updated: 2024-08-02T20:53:21.594Z

cve-icon NVD

Status : Analyzed

Published: 2023-10-26T21:15:08.097

Modified: 2025-04-02T20:32:09.563

Link: CVE-2023-46747

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.