CVE-2021-23046

MEDIUM

Guided Configuration <8.0.0 - Info Disclosure

Title source: llm

Description

On all versions of Guided Configuration before 8.0.0, when a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://support.f5.com/csp/article/K70652532

Scores

CVSS v3 4.9

EPSS 0.0024

EPSS Percentile 47.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-532

Status published

Products (2)

f5/big-ip_access_policy_manager 13.1.0 - 13.1.4

f5/big-ip_guided_configuration < 8.0.0

Published Sep 14, 2021

Tracked Since Feb 18, 2026