Home

Description

Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell (tmsh) command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

PUBLISHED Reserved 2023-10-05 | Published 2023-10-10 | Updated 2024-09-18 | Assigner f5




MEDIUM: 4.4CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Product status

Default status
unknown

17.1.0 (semver) before *
unaffected

16.1.0 (semver) before 16.1.4
affected

15.1.0 (semver) before 15.1.9
affected

14.1.0 (semver) before *
affected

13.1.0 (semver) before *
affected

Credits

F5 finder

References

my.f5.com/manage/s/article/K20307245 vendor-advisory

my.f5.com/manage/s/article/K20307245 vendor-advisory

cve.org (CVE-2023-45219)

nvd.nist.gov (CVE-2023-45219)

Download JSON