F5 BIG-IP Remote Code Execution Vulnerability (CVE-2023-46747) Notification
F5 has released a security announcement fixing a remote code execution vulnerability in BIG-IP (CVE-2023-46747). The flaw lies in how BIG-IP's Apache httpd forwards requests over the AJP protocol: a crafted request can be smuggled through httpd and bypass authentication. An unauthenticated remote attacker who can reach the BIG-IP system through the management interface or a self IP address can exploit this to execute arbitrary system commands. The CVSS score is 9.8, and affected users should take action as soon as possible.

Affected versions:

- BIG-IP 17.x <= 17.1.0
- 16.1.0 <= BIG-IP <= 16.1.4
- 15.1.0 <= BIG-IP <= 15.1.10
- 14.1.0 <= BIG-IP <= 14.1.5
- 13.1.0 <= BIG-IP <= 13.1.5

Unaffected versions:

- BIG-IP-F5 >= 17.1.0.3+Hotfix
- BIG-IP-F5 >= 16.1.4.1+Hotfix
- BIG-IP-F5 >= 15.1.10.2+Hotfix
- BIG-IP-F5 >= 14.1.5.6+Hotfix
- BIG-IP-F5 >= 13.1.5.1+Hotfix

Users can check their current version by running `show /sys version` in the TMOS shell (tmsh) or by logging in to the web management interface.

To mitigate the vulnerability, affected users should upgrade to a fixed version provided by F5 as soon as possible. Users who cannot upgrade immediately can download and run the mitigation script provided by F5 as a temporary measure, or block or restrict network access to the affected components until the new version is installed.

CVEs: CVE-2023-22374, CVE-2022-1388, CVE-2023-46747

[View Article](https://nsfocusglobal.com/f5-big-ip-remote-code-execution-vulnerability-cve-2023-46747-notification/)
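To turn the version ranges above into a check a defender can run over `tmsh show /sys version` output, here is an added Python example (not F5's tooling or code). The sample tmsh output is constructed, and builds the notification does not name (for example 17.1.0.1, which falls between the last affected and first fixed build) are reported as "unlisted" rather than guessed at.

```python
"""Classify a BIG-IP version against the CVE-2023-46747 ranges in this notification.
Added example for illustration; not F5's code. Ranges are as stated in the notice."""
import re
from typing import Tuple

# Inclusive (low, high) affected ranges from the notification.
AFFECTED = [
    ((17, 0, 0), (17, 1, 0)),   # 17.x <= 17.1.0
    ((16, 1, 0), (16, 1, 4)),
    ((15, 1, 0), (15, 1, 10)),
    ((14, 1, 0), (14, 1, 5)),
    ((13, 1, 0), (13, 1, 5)),
]
# First fixed build ("+Hotfix") per major branch.
FIXED = {17: (17, 1, 0, 3), 16: (16, 1, 4, 1), 15: (15, 1, 10, 2),
         14: (14, 1, 5, 6), 13: (13, 1, 5, 1)}

# Constructed sample resembling `tmsh show /sys version` output (not a real capture).
SAMPLE_TMSH_OUTPUT = """Sys::Version
Main Package
  Product     BIG-IP
  Version     16.1.3.3
  Build       0.0.3
"""

def parse_version(text: str) -> Tuple[int, ...]:
    """Extract the first dotted numeric version (2 to 4 components) from raw text,
    so both a bare '17.1.0.3+Hotfix' string and full tmsh output are accepted."""
    m = re.search(r"\b(\d+(?:\.\d+){1,3})\b", text)
    if not m:
        raise ValueError(f"no version number found in {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))

def _pad(v: Tuple[int, ...], n: int = 4) -> Tuple[int, ...]:
    """Right-pad with zeros so 16.1.4 and 16.1.4.0 compare as equal."""
    return tuple(v) + (0,) * (n - len(v))

def classify(version: str) -> str:
    """Return 'fixed', 'affected' or 'unlisted' according to the notification."""
    v = _pad(parse_version(version))
    fixed = FIXED.get(v[0])
    if fixed is not None and v >= _pad(fixed):
        return "fixed"
    for low, high in AFFECTED:
        if _pad(low) <= v <= _pad(high):
            return "affected"
    return "unlisted"  # branch or build not named in the notification

if __name__ == "__main__":
    print(parse_version(SAMPLE_TMSH_OUTPUT), classify(SAMPLE_TMSH_OUTPUT))
```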