cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kyaw_Myo_Oo
Contributor III

F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution

Dear All,

 

F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution.

The issue, rooted in the configuration utility component, has been assigned the CVE identifier CVE-2023-46747, and carries a CVSS score of 9.8 out of a maximum of 10.

 

https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html

 

BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747 (f5....

Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | CCSM | CISSP | PMP
2 Replies
denbesten
Community Champion

From the advisory: "this is a control plane issue only.".  In other words, it is an attack against the management interface.  The important reminder for all of us (even those who are not F5 customers) is that management interfaces should only be accessible to those who need to manage the device.

 

Even the login prompt itself ought to whitelisted from source-IP addresses where your admins may likely be (office subnet, VPN addreses, etc.).  The goal being to prevent an actor from staging an authentication bypass attack against a particularly powerful interface.

 

Kyaw_Myo_Oo
Contributor III

Hi @denbesten 

 

Thanks for sharing your thoughts and comments and suggestions. 

Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | CCSM | CISSP | PMP