virus logo Intrusion Prevention

F5.BIG-IP.TMUI.AJP.Smuggling.Authentication.Bypass

description-logoDescription

This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in F5 BIG-IP.
This vulnerability is due to lack of validation of user-supplied inputs. Successful exploitation could lead to remote code execution in the context of the vulnerable application.

affected-products-logoAffected Products

F5 BIG-IP 17.x versions prior to 17.1.0.3
F5 BIG-IP 16.x versions prior to 16.1.4.1
F5 BIG-IP 15.x versions prior to 15.1.10.2
F5 BIG-IP 14.x versions prior to 14.1.5.6
F5 BIG-IP 13.x versions prior to 13.1.5.1

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://my.f5.com/manage/s/article/K000137353

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2023-11-07 26.672
Modified
 Sig Added
2023-11-07 26.672
Modified
 Default_action:pass:drop
2023-11-02 26.670
New
ID 54324
Created Nov 01, 2023
Updated Dec 04, 2023
CVE ID
Tags Threat Signal
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 94.44%
Default Action drop
Active
Affected OS Linux
Affected App Other
Profile Type Permission/Privilege/Access Control