4.4
CVE-2023-39447
- EPSS 0.15%
- Veröffentlicht 10.10.2023 13:15:20
- Zuletzt bearbeitet 21.11.2024 08:15:26
- Quelle f5sirt@f5.com
- Teams Watchlist Login
- Unerledigt Login
When BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be logged in restnoded log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
F5 ≫ Big-ip Access Policy Manager Version >= 15.1.0 < 15.1.8
F5 ≫ Big-ip Access Policy Manager Version >= 16.1.0 < 16.1.4
F5 ≫ Big-ip Access Policy Manager Version17.0.0
F5 ≫ Big-ip Guided Configuration Version >= 7.0 <= 7.7
F5 ≫ Big-ip Guided Configuration Version6.0
F5 ≫ Big-ip Guided Configuration Version8.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.362 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| f5sirt@f5.com | 4.4 | 0.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
|
CWE-532 Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.