CVE-2023-43746 (GCVE-0-2023-43746)

Vulnerability from cvelistv5 – Published: 2023-10-10 12:36 – Updated: 2024-09-18 18:38
VLAI?
Summary
When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system.  A successful exploit can allow the attacker to cross a security boundary.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity ?
8.7 (High)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
CWE
  • CWE-267 - Privilege Defined With Unsafe Action
Assigner
f5
References
Impacted products
Vendor Product Version
F5 BIG-IP Unaffected: 17.1.0 , < * (semver)
Affected: 16.1.0 , < 16.1.4 (semver)
Affected: 15.1.0 , < 15.1.9 (semver)
Affected: 14.1.0 , < * (semver)
Affected: 13.1.0 , < * (semver)
Create a notification for this product.
Credits
F5
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:52:10.839Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://my.f5.com/manage/s/article/K41072952"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-43746",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-18T18:37:26.762965Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-18T18:38:18.822Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "modules": [
            "All Modules"
          ],
          "product": "BIG-IP",
          "vendor": "F5",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "17.1.0",
              "versionType": "semver"
            },
            {
              "lessThan": "16.1.4",
              "status": "affected",
              "version": "16.1.0",
              "versionType": "semver"
            },
            {
              "lessThan": "15.1.9",
              "status": "affected",
              "version": "15.1.0",
              "versionType": "semver"
            },
            {
              "lessThan": "*",
              "status": "affected",
              "version": "14.1.0",
              "versionType": "semver"
            },
            {
              "lessThan": "*",
              "status": "affected",
              "version": "13.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "F5"
        }
      ],
      "datePublic": "2023-10-18T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWhen running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system.\u0026nbsp; A successful exploit can allow the attacker to cross a security boundary.\u003c/span\u003e\u0026nbsp; Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
            }
          ],
          "value": "\nWhen running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system.\u00a0 A successful exploit can allow the attacker to cross a security boundary.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "Appliance Mode Only"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-267",
              "description": "CWE-267 Privilege Defined With Unsafe Action",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-10T12:36:52.839Z",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://my.f5.com/manage/s/article/K41072952"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "BIG-IP Appliance mode external monitor vulnerability",
      "x_generator": {
        "engine": "F5 SIRTBot v1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2023-43746",
    "datePublished": "2023-10-10T12:36:52.839Z",
    "dateReserved": "2023-10-05T19:17:25.706Z",
    "dateUpdated": "2024-09-18T18:38:18.822Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"94E0B611-902C-46BC-A099-881398828F0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"F11226F6-9080-4126-ACBD-7211A2746214\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"A8F16422-A642-4614-96F2-E5B4877E8206\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"4AF2DF45-D15E-4239-A66C-9F8A924E383A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"6DD4CF11-44E9-4596-9397-AF7DBD81277B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"DE979976-11C7-4AFF-8BE4-A094CC9C39CF\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"34A88673-CDD5-48FC-9491-6852324E26EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"8D82BCD8-136A-476C-AC86-710CA8B32EB7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"377DE308-CF91-488A-B296-30A3B09451D3\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"F53FFE68-BE06-4F16-8C33-58711E86E254\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"C0FE692A-CD63-4354-B599-2F47EEEFDD37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"B2F02EC0-E6C2-4E00-9804-043982D88BCE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"E9BB7368-B6F8-462F-B17F-02CFBB0EE310\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"672067B7-C838-4F0B-B3D0-E85F71715B0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"A4C17D18-1172-4396-9099-F1F5EAEACE5A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"86BE84EA-63BC-49A2-8004-830255114059\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"F7280AA3-6EB0-4D9B-895B-B6883071740E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"95617B72-E7D8-44D2-AFF2-976595A72AFA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"7480CF69-7BEC-4582-85BB-58A6CBC51171\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"16795277-E8E2-4713-BD65-207655546649\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"0835E39B-F21E-4231-A4B9-5D511FF1B87A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"6EDE9EC9-8079-434F-8510-3DB4E3051BCA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"F005EFFD-3A40-4762-B0D6-8760C406130F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"8705476E-A246-4B57-A0E1-FD626C1B0DE5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"4C3AA014-6241-4EBA-BF9F-65D3D869C6E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"18CD2C82-0080-495E-8A11-957E0C182A48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"3C508A36-C041-406C-9C8A-A396C6EDC750\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"D263C0C1-55C6-4AC3-B738-9F099C583AA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"E912382D-131E-40F2-A337-72D6F2A3AD23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"91ED3C5E-92E8-44CF-AA99-A38C60AE677E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"F16999CA-0EE1-4F56-AF60-8F002B5F7CCE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"47962DDC-899F-4A98-ABF7-CC8A1AE7FF1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"46A7F81E-84A2-4304-B18F-53E5CDBCEA43\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"3FB67297-BDD9-4D15-9247-0F1A589D7450\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"E4958167-AB1F-4458-A06B-1B2DA313EEBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"D982C3E6-43DE-4AA8-889F-044E70C7FCB2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"2A96D578-675E-4B63-851F-CB71A92B25B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"944B8F9C-E5C6-4DA8-BF2B-1C0B6A388BC4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"7DB6C626-BA78-4C06-8582-BFFCDF957429\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"2765BBF9-8450-4889-9961-2C6DE64656F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"DCFAFFAC-000C-414D-83CF-B8B2C529D9CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"E68BFC75-6977-4644-A169-48263B896849\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"EDD85839-D8F4-4651-ABAC-9F092955785B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"1871634A-7609-4D01-8469-3D86F36DC19D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"603324D6-FE7A-4209-B92B-94EF09AB5FF2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"D0D0A53D-5911-4406-8264-FC85ADDDD007\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"220FD008-8919-48D4-84CF-8C4D99C3C474\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"1935A1CF-50B2-4572-AA06-3504DB25B954\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"57114710-113A-4F2E-A5C2-07AB7BBC7354\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"077EBF51-B843-48B7-B31C-4BE1C99CE6F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"5EAC82FA-41CC-425A-89A0-CC9E2BF678EE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"8A0A03A5-3120-4D8D-A580-E7546A740D61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.9\", \"matchCriteriaId\": \"338010BF-EFC6-42B9-9F12-865C48D421EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndExcluding\": \"16.1.4\", \"matchCriteriaId\": \"14776B4F-DDEC-4B22-82A5-EA231B3895F0\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"\\nWhen running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system.\\u00a0 A successful exploit can allow the attacker to cross a security boundary.\\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\"}, {\"lang\": \"es\", \"value\": \"Cuando se ejecuta en modo Appliance, un usuario autenticado al que se le haya asignado la funci\\u00f3n de Administrator puede evitar las restricciones del modo Appliance, utilizando el monitor externo BIG-IP en un sistema BIG-IP. Un exploit exitoso puede permitir al atacante cruzar un l\\u00edmite de seguridad. Nota: Las versiones de software que han llegado al End of Technical Support (EoTS) no se eval\\u00faan.\"}]",
      "id": "CVE-2023-43746",
      "lastModified": "2024-11-21T08:24:42.570",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"f5sirt@f5.com\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N\", \"baseScore\": 8.7, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 5.8}]}",
      "published": "2023-10-10T13:15:21.783",
      "references": "[{\"url\": \"https://my.f5.com/manage/s/article/K41072952\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://my.f5.com/manage/s/article/K41072952\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "f5sirt@f5.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"f5sirt@f5.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-267\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-43746\",\"sourceIdentifier\":\"f5sirt@f5.com\",\"published\":\"2023-10-10T13:15:21.783\",\"lastModified\":\"2024-11-21T08:24:42.570\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\nWhen running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system.\u00a0 A successful exploit can allow the attacker to cross a security boundary.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\"},{\"lang\":\"es\",\"value\":\"Cuando se ejecuta en modo Appliance, un usuario autenticado al que se le haya asignado la funci\u00f3n de Administrator puede evitar las restricciones del modo Appliance, utilizando el monitor externo BIG-IP en un sistema BIG-IP. Un exploit exitoso puede permitir al atacante cruzar un l\u00edmite de seguridad. Nota: Las versiones de software que han llegado al End of Technical Support (EoTS) no se eval\u00faan.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"f5sirt@f5.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":5.8}]},\"weaknesses\":[{\"source\":\"f5sirt@f5.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-267\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"94E0B611-902C-46BC-A099-881398828F0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"F11226F6-9080-4126-ACBD-7211A2746214\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"A8F16422-A642-4614-96F2-E5B4877E8206\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"4AF2DF45-D15E-4239-A66C-9F8A924E383A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"6DD4CF11-44E9-4596-9397-AF7DBD81277B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"DE979976-11C7-4AFF-8BE4-A094CC9C39CF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"34A88673-CDD5-48FC-9491-6852324E26EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"8D82BCD8-136A-476C-AC86-710CA8B32EB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"377DE308-CF91-488A-B296-30A3B09451D3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"F53FFE68-BE06-4F16-8C33-58711E86E254\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"C0FE692A-CD63-4354-B599-2F47EEEFDD37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"B2F02EC0-E6C2-4E00-9804-043982D88BCE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"E9BB7368-B6F8-462F-B17F-02CFBB0EE310\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"672067B7-C838-4F0B-B3D0-E85F71715B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"A4C17D18-1172-4396-9099-F1F5EAEACE5A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"86BE84EA-63BC-49A2-8004-830255114059\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"F7280AA3-6EB0-4D9B-895B-B6883071740E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"95617B72-E7D8-44D2-AFF2-976595A72AFA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7480CF69-7BEC-4582-85BB-58A6CBC51171\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"16795277-E8E2-4713-BD65-207655546649\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"0835E39B-F21E-4231-A4B9-5D511FF1B87A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"6EDE9EC9-8079-434F-8510-3DB4E3051BCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"F005EFFD-3A40-4762-B0D6-8760C406130F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"8705476E-A246-4B57-A0E1-FD626C1B0DE5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"4C3AA014-6241-4EBA-BF9F-65D3D869C6E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"18CD2C82-0080-495E-8A11-957E0C182A48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"3C508A36-C041-406C-9C8A-A396C6EDC750\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"D263C0C1-55C6-4AC3-B738-9F099C583AA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"E912382D-131E-40F2-A337-72D6F2A3AD23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"91ED3C5E-92E8-44CF-AA99-A38C60AE677E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"F16999CA-0EE1-4F56-AF60-8F002B5F7CCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"47962DDC-899F-4A98-ABF7-CC8A1AE7FF1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"46A7F81E-84A2-4304-B18F-53E5CDBCEA43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"3FB67297-BDD9-4D15-9247-0F1A589D7450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"E4958167-AB1F-4458-A06B-1B2DA313EEBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"D982C3E6-43DE-4AA8-889F-044E70C7FCB2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"2A96D578-675E-4B63-851F-CB71A92B25B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"944B8F9C-E5C6-4DA8-BF2B-1C0B6A388BC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"7DB6C626-BA78-4C06-8582-BFFCDF957429\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"2765BBF9-8450-4889-9961-2C6DE64656F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"DCFAFFAC-000C-414D-83CF-B8B2C529D9CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"E68BFC75-6977-4644-A169-48263B896849\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"EDD85839-D8F4-4651-ABAC-9F092955785B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"1871634A-7609-4D01-8469-3D86F36DC19D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"603324D6-FE7A-4209-B92B-94EF09AB5FF2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"D0D0A53D-5911-4406-8264-FC85ADDDD007\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"220FD008-8919-48D4-84CF-8C4D99C3C474\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"1935A1CF-50B2-4572-AA06-3504DB25B954\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"57114710-113A-4F2E-A5C2-07AB7BBC7354\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"077EBF51-B843-48B7-B31C-4BE1C99CE6F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"5EAC82FA-41CC-425A-89A0-CC9E2BF678EE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"8A0A03A5-3120-4D8D-A580-E7546A740D61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.9\",\"matchCriteriaId\":\"338010BF-EFC6-42B9-9F12-865C48D421EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndExcluding\":\"16.1.4\",\"matchCriteriaId\":\"14776B4F-DDEC-4B22-82A5-EA231B3895F0\"}]}]}],\"references\":[{\"url\":\"https://my.f5.com/manage/s/article/K41072952\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://my.f5.com/manage/s/article/K41072952\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://my.f5.com/manage/s/article/K41072952\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T19:52:10.839Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-43746\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-18T18:37:26.762965Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-18T18:37:33.134Z\"}}], \"cna\": {\"title\": \"BIG-IP Appliance mode external monitor vulnerability\", \"source\": {\"discovery\": \"INTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"F5\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"Appliance Mode Only\"}]}], \"affected\": [{\"vendor\": \"F5\", \"modules\": [\"All Modules\"], \"product\": \"BIG-IP\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"17.1.0\", \"lessThan\": \"*\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"16.1.0\", \"lessThan\": \"16.1.4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"15.1.0\", \"lessThan\": \"15.1.9\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"14.1.0\", \"lessThan\": \"*\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"13.1.0\", \"lessThan\": \"*\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"datePublic\": \"2023-10-18T14:00:00.000Z\", \"references\": [{\"url\": \"https://my.f5.com/manage/s/article/K41072952\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"F5 SIRTBot v1.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"\\nWhen running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system.\\u00a0 A successful exploit can allow the attacker to cross a security boundary.\\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eWhen running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system.\u0026nbsp; A successful exploit can allow the attacker to cross a security boundary.\u003c/span\u003e\u0026nbsp; Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-267\", \"description\": \"CWE-267 Privilege Defined With Unsafe Action\"}]}], \"providerMetadata\": {\"orgId\": \"9dacffd4-cb11-413f-8451-fbbfd4ddc0ab\", \"shortName\": \"f5\", \"dateUpdated\": \"2023-10-10T12:36:52.839Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-43746\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-18T18:38:18.822Z\", \"dateReserved\": \"2023-10-05T19:17:25.706Z\", \"assignerOrgId\": \"9dacffd4-cb11-413f-8451-fbbfd4ddc0ab\", \"datePublished\": \"2023-10-10T12:36:52.839Z\", \"assignerShortName\": \"f5\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.