CVE-2023-46747

Question

Has anyone heard about&nbsp;https://www.praetorian.com/blog/advisory-f5-big-ip-rce/It looks like this affects the same interface as&nbsp;CVE-2020-5902

enes_afsin_al · Accepted Answer

Hi MJV,
K000137353: BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747https://my.f5.com/manage/s/article/K000137353

mjv · Answer

Thank you so much!

jim_m · Answer

The F5 advisory says the hotfix is available from the downloads page for each product (scroll to the bottom). Yet i dont see it listed.

annohara · Answer

Yes, the F5 BIG-IP RCE vulnerability detailed in the Praetorian advisory impacts the Traffic Management User Interface (TMUI), similar to the CVE-2020-5902 vulnerability. It's crucial for users to apply patches promptly and follow recommended mitigation steps to secure their systems.

Forum Discussion

CVE-2023-46747

4 Replies

Recent Discussions

BWC iRule

GTM Packet Capture command

Citrix XenServer Big-IP Upgrade help

BIG-IP DNS iRule issue with static variable

F5 ASM logging profile to specify source IP

Related Content

Python script to test if a F5 BIG-IP is vulnerable to cve-2023-46747

BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747

Recommended version to fix both vulnerability CVE-2023-46747 and CVE-2023-40534