Exploitation Summary
CVE-2023-46748 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added October 31, 2023.
Description
An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References (3)
Core References
Exploit, Third Party Advisory
https://www.secpod.com/blog/f5-issues-warning-big-ip-vulnerability-used-in-active-exploit-chain/
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46748
Vendor Advisory
https://my.f5.com/manage/s/article/K000137365
Scores
CVSS v3
8.8
EPSS
0.0435
EPSS Percentile
89.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2023-10-31
VulnCheck KEV
2023-10-30
InTheWild.io
2023-10-31
ENISA EUVD
EUVD-2023-50917
CWE
CWE-89
Status
published
Products (20)
f5/big-ip_access_policy_manager
13.1.0 - 13.1.5
f5/big-ip_advanced_firewall_manager
13.1.0 - 13.1.5
f5/big-ip_advanced_web_application_firewall
13.1.0 - 13.1.5
f5/big-ip_analytics
13.1.0 - 13.1.5
f5/big-ip_application_acceleration_manager
13.1.0 - 13.1.5
f5/big-ip_application_security_manager
13.1.0 - 13.1.5
f5/big-ip_application_visibility_and_reporting
13.1.0 - 13.1.5
f5/big-ip_automation_toolchain
13.1.0 - 13.1.5
f5/big-ip_carrier-grade_nat
13.1.0 - 13.1.5
f5/big-ip_container_ingress_services
13.1.0 - 13.1.5
... and 10 more
Published
Oct 26, 2023
KEV Added
Oct 31, 2023
Tracked Since
Feb 18, 2026