Rewterz Threat Advisory – CVE-2023-6847 – GitHub Enterprise Server Vulnerability
January 4, 2024
Rewterz Threat Advisory – CVE-2023-44807 – D-Link DIR-820L Vulnerability
January 4, 2024
Severity
High
Analysis Summary
CVE-2023-40537
F5 BIG-IP could allow a remote attacker to bypass security restrictions, caused by improper validation of the session cookie for a limited time after logging out of the Configuration utility on a multi-blade VIPRION platform. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass access restrictions.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-40537
Affected Vendors
F5
Affected Products
- F5 BIG-IP 14.1.0
- F5 BIG-IP 13.1.0
- F5 BIG-IP 15.1.0
- F5 BIG-IP 16.1.0
- F5 BIG-IP 13.1.5
- F5 BIG-IP 16.1.3
- F5 BIG-IP 14.1.5
- F5 BIG-IP 15.1.8
Remediation
Refer to the F5 Security Advisory for patch, upgrade, or suggested workaround information.