On F5OS-A beginning in version 1.2.0 to before 1.3.0 and F5OS-C beginning in version 1.3.0 to before 1.5.0, processing F5OS tenant file names may allow for command injection. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
Link | Resource |
---|---|
https://my.f5.com/manage/s/article/K06345931 | Vendor Advisory |
Configurations
History
07 Nov 2023, 04:07
Type | Values Removed | Values Added |
---|---|---|
Summary | On F5OS-A beginning in version 1.2.0 to before 1.3.0 and F5OS-C beginning in version 1.3.0 to before 1.5.0, processing F5OS tenant file names may allow for command injection. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
Information
Published : 2023-02-01 18:15
Updated : 2024-02-28 19:51
NVD link : CVE-2023-22657
Mitre link : CVE-2023-22657
CVE.ORG link : CVE-2023-22657
JSON object : View
Products Affected
f5
- f5os-a
- f5os-c
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')