On F5OS-A beginning in version 1.2.0 to before 1.3.0 and F5OS-C beginning in version 1.3.0 to before 1.5.0, processing F5OS tenant file names may allow for command injection. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
Link | Resource |
---|---|
https://my.f5.com/manage/s/article/K06345931 | Vendor Advisory |
https://my.f5.com/manage/s/article/K06345931 | Vendor Advisory |
Configurations
History
21 Nov 2024, 07:45
Type | Values Removed | Values Added |
---|---|---|
References | () https://my.f5.com/manage/s/article/K06345931 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.0 |
07 Nov 2023, 04:07
Type | Values Removed | Values Added |
---|---|---|
Summary | On F5OS-A beginning in version 1.2.0 to before 1.3.0 and F5OS-C beginning in version 1.3.0 to before 1.5.0, processing F5OS tenant file names may allow for command injection. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
Information
Published : 2023-02-01 18:15
Updated : 2024-11-21 07:45
NVD link : CVE-2023-22657
Mitre link : CVE-2023-22657
CVE.ORG link : CVE-2023-22657
JSON object : View
Products Affected
f5
- f5os-a
- f5os-c
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')