virus logo Web Application Security

090502450 - F5.BIG-IP.Next.Central.Manager.login.SQL.Injection

description-logoDescription

This indicates an attack attempt to exploit an SQL Injection Vulnerability in F5 BIG-IP Next Central Manager.
The vulnerability is due to insufficient validation of user-supplied inputs. An unauthenticated attacker can exploit this vulnerability to execute malicious SQL statements through the F5 BIG-IP NEXT Central Manager API.

affected-products-logoAffected Products

F5 BIG-IP Next Central Manager 20.x prior to 20.2.0

Impact logoImpact

System Compromise: Remote attackers can add, view, delete or modify data in the database of the affected application.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://my.f5.com/manage/s/article/K000138733

Version Updates

Date Version Status Detail
2025-11-14 0.00414
New
ID 1090502450
Created Nov 14, 2025
Updated Nov 14, 2025
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action pass
Active
Affected OS Linux
Affected App Other
Engine Version 5.0.0 or later