F5 BIG-IP Configuration Utility Authentication Bypass (CVE-2023-46747)
Description
What is the Attack? |
The vulnerability allows an unauthenticated attacker to exploit an authentication bypass vulnerability in F5 BIG-IP system. The exploit requires a network access through the management port to execute arbitrary system commands. F5 has warned their customers that threat actors are actively exploiting the vulnerability. |
What is the Vendor Solution?
|
F5 has released relevant firmware updates for the affected products. For more information, visit here.
|
What FortiGuard Coverage is available? |
FortiGuard Labs has an IPS signature "F5.BIG-IP.TMUI.AJP.Smuggling.Authentication.Bypass" to detect and block any attack targeting the vulnerability.
FortiGuard Labs also advises users to install the latest available patches as soon as possible. |
Telemetry
✖