#VU82544 Authentication bypass using an alternate path or channel in BIG-IP and BIG-IQ Centralized Management - CVE-2023-46747

Cybersecurity Help s.r.o.

Published: 2023-10-27 | Updated: 2025-03-14

Vulnerability identifier: #VU82544

Vulnerability risk: High

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2023-46747

CWE-ID: CWE-288

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
BIG-IP
Hardware solutions / Firmware
BIG-IQ Centralized Management
Server applications / Remote management servers, RDP, SSH

Vendor: F5 Networks

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to improper authentication in the Configuration utility. A remote non-authenticated attacker can send a specially crafted requests to the system, bypass authentication and execute arbitrary commands on the device.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

BIG-IP: 13.1.0 - 13.1.5, 14.1.0 - 14.1.5.6, 15.1.0 - 15.1.10.2, 16.1.0 - 16.1.4.1, 17.1.0 - 17.1.0.3

BIG-IQ Centralized Management: before cvssv3 score

External links
https://my.f5.com/manage/s/article/K000137353

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

Latest bulletins with this vulnerability

Speculative race condition in BIG-IP Next Central Manager

Authentication bypass in BIG-IP Configuration utility