CVE-2023-45219 MEDIUM

CVE-2023-45219: BIG-IP tmsh vulnerability

Vendor F5
Product BIG-IP
Weakness CWE-200 · Info exposure
Published October 10, 2023
Last update September 18, 2024

CVSS base score

4.4/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell (tmsh) command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Key dates

02Disclosure timeline

October 10, 2023 CVE published
September 18, 2024 Record updated

Related vulnerabilities

04Related CVE