F5 BIG-IP Fraud Protection Service 17.1.0.1

CPE Details

F5 BIG-IP Fraud Protection Service 17.1.0.1
f5
big-ip_fraud_protection_service
17.1.0.1
2023-05-09
14h34 +00:00
2023-05-12
13h38 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0.1:*:*:*:*:*:*:*

Informations

Vendor

f5

Product

big-ip_fraud_protection_service

Version

17.1.0.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-41373 2023-10-10 12h33 +00:00 A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an authenticated attacker to execute commands on the BIG-IP system. For BIG-IP system running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
9.9
Critical
CVE-2023-38423 2023-08-02 15h55 +00:00 A cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
5.4
Medium
CVE-2023-38419 2023-08-02 15h55 +00:00 An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
4.3
Medium
CVE-2023-38138 2023-08-02 15h55 +00:00 A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which allows an attacker to run JavaScript in the context of the currently logged-in user.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
7.5
High