Forum Discussion
BIG-IP Configuration utility vulnerability CVE-2023-38138
- Aug 03, 2023
Hello THE_BLUE
all CVE's that F5 documents in its Security Advisory series specifically refer to vulnerabilities that affect/compromise F5 products only, in this case BIG-IP.
Any application that runs on-top of the BIG-IP, like an HTTP portal, will not be covered.So, unless xxx.com resolves to an IP address on the BIG-IP that allows Configuration Utility access (webI or SSH), it shoudn't be considered as an attack vector.
Hello THE_BLUE
all CVE's that F5 documents in its Security Advisory series specifically refer to vulnerabilities that affect/compromise F5 products only, in this case BIG-IP.
Any application that runs on-top of the BIG-IP, like an HTTP portal, will not be covered.
So, unless xxx.com resolves to an IP address on the BIG-IP that allows Configuration Utility access (webI or SSH), it shoudn't be considered as an attack vector.
- THE_BLUEAug 03, 2023CirrostratusThank you
So, unless xxx.com resolves to an IP address on the BIG-IP that allows Configuration Utility access (webI or SSH), it shoudn't be considered as an attack vector.
this mean if xxx.com secure by waf and it's mapped to xxx server . this will not have affect to WAF because there is no relation between xxx.com and WAF ssh .
so this vulnerability will be compromised by users who have access to WAF , right?
- CA_ValliAug 03, 2023MVP
THE_BLUE wrote:
this will not have affect to WAF because there is no relation between xxx.com and WAF ssh .
Correct
THE_BLUE wrote:so this vulnerability will be compromised by users who have access to WAF , right?
Correct again - user needs to be logged to the WAF, and send a packet that contains the specific URL (undisclosed so far) that opens the attack vector.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com