CVE-2023-46748: F5 BIG-IP Configuration Utility SQL Injection
F5 BIG-IP Configuration Utility SQL Injection Vulnerability. F5 BIG-IP Configuration utility contains an SQL injection vulnerability that may allow an authenticated attacker with network access through the BIG-IP management port and/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023-46747.
- CISA KEV-listed (remediation due 2023-11-21)
- EPSS 4.3% (89.2% percentile)